| Message ID | 20170510225457.18270-2-andrew.gregory.8@gmail.com |
|---|---|
| State | Accepted, archived |
| Headers | show
Return-Path: <pacman-dev-bounces@archlinux.org> Delivered-To: patchwork@archlinux.org Received: from nymeria.archlinux.org by nymeria.archlinux.org (Dovecot) with LMTP id 85wyDkqaE1mxEAAAtiB/HQ for <patchwork@archlinux.org>; Thu, 11 May 2017 00:55:06 +0200 Received: from nymeria.archlinux.org (localhost.localdomain [127.0.0.1]) by nymeria.archlinux.org (Postfix) with ESMTP id F1CB340433; Thu, 11 May 2017 00:55:04 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on nymeria.archlinux.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.5 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID shortcircuit=no autolearn=ham autolearn_force=no version=3.4.1 Received: from luna.archlinux.org (luna.archlinux.org [IPv6:2a01:4f8:160:3033::2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by nymeria.archlinux.org (Postfix) with ESMTPS; Thu, 11 May 2017 00:55:04 +0200 (CEST) Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1]) by luna.archlinux.org (Postfix) with ESMTP id BB0152C130; Wed, 10 May 2017 22:55:04 +0000 (UTC) Authentication-Results: luna.archlinux.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=DxmFN1PB Received: from luna.archlinux.org (luna.archlinux.org [127.0.0.1]) by luna.archlinux.org (Postfix) with ESMTP id 28D872C0EB for <pacman-dev@lists.archlinux.org>; Wed, 10 May 2017 22:55:01 +0000 (UTC) Received: from nymeria.archlinux.org (nymeria.archlinux.org [89.238.67.251]) by luna.archlinux.org (Postfix) with ESMTPS for <pacman-dev@lists.archlinux.org>; Wed, 10 May 2017 22:55:01 +0000 (UTC) Received: from nymeria.archlinux.org (localhost.localdomain [127.0.0.1]) by nymeria.archlinux.org (Postfix) with ESMTP id 9A291402A7 for <pacman-dev@archlinux.org>; Thu, 11 May 2017 00:54:59 +0200 (CEST) Received: from mail-yb0-x22c.google.com (mail-yb0-x22c.google.com [IPv6:2607:f8b0:4002:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by nymeria.archlinux.org (Postfix) with ESMTPS for <pacman-dev@archlinux.org>; Thu, 11 May 2017 00:54:59 +0200 (CEST) Received: by mail-yb0-x22c.google.com with SMTP id s22so2528911ybe.3 for <pacman-dev@archlinux.org>; Wed, 10 May 2017 15:54:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=9HkzJIuiV4hqLJHlnY6RHxiFaFe8V2fZaBfp+F66eYQ=; b=DxmFN1PBODo+Dmv/kDclXZvPx/8dBLZ54m7MHVNZplantBVROTWQ7El9+A4WgT7otM yWiRNGKV9c4+EOuscUTA4u5urIEsei55vwB6QEu7xPd3hXaDupLpGlboL4c2Wi/W/44b GbfOYPtL6q/R8yH1dEfZruNY4JGk7tycJo4n0M4ZFzIIdNABhENyHF3vyBLCd7xRRWxL NC3z9l7TvPK9vreq/r0WZOS51d2R2Foks4r7UsED6m+8r1NAfcYy9SmZVT5Y5ubAqxjF sNDRMZPDFyoHLA9ECArgZifaa9dX3yaxR2n9wBuurzwPqVYWFTRL4vmmRe1Mf8o6ZOmV z3MQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=9HkzJIuiV4hqLJHlnY6RHxiFaFe8V2fZaBfp+F66eYQ=; b=ef6ZfrrVTAcuJ6foCR8+EJ97UpxpqFDDsmFn+H68HHTPuaoeUtohlLHIHjVbpT9WXv 10heP2rHM+hgSlyXBRPlsEZWF/VhrTlW1r5tjzbrsok9LvZZDpzh5xx8vh2TzFwz34Wg cOH5EfwZ2M/philf7w2ANNSYfZShV3ZnFoiDxGuZDigfNJmm4DB9+MQnwQOt5FL2+sz3 cWoMG14837M+UGWco/AudnRc7w07DGSxjbF2geYfrAF/Ed5qP0mCwmVtvX2ArEfPmT+I mkNSUoNp51gQsSASiUG6wCccUi7Ws4csVbAXo0CVcpxuRzZT07rJAehMw4Hk14NeAJdL uNpA== X-Gm-Message-State: AODbwcDVEELE2DP08/QedRNAQrU/NVFCmR8BPO2nytYz1PgpUHdD70iP WXseWg6R2v8/fmGM X-Received: by 10.37.97.13 with SMTP id v13mr7074967ybb.136.1494456898144; Wed, 10 May 2017 15:54:58 -0700 (PDT) Received: from b42-desktop.local (cpe-76-182-123-164.nc.res.rr.com. [76.182.123.164]) by smtp.gmail.com with ESMTPSA id a17sm275405ywh.20.2017.05.10.15.54.57 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 10 May 2017 15:54:57 -0700 (PDT) From: Andrew Gregory <andrew.gregory.8@gmail.com> To: pacman-dev@archlinux.org Date: Wed, 10 May 2017 18:54:54 -0400 Message-Id: <20170510225457.18270-2-andrew.gregory.8@gmail.com> X-Mailer: git-send-email 2.12.2 Subject: [pacman-dev] [PATCH 2/5] query_fileowner: avoid buffer overflow X-BeenThere: pacman-dev@archlinux.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussion list for pacman development <pacman-dev.archlinux.org> List-Unsubscribe: <https://lists.archlinux.org/options/pacman-dev>, <mailto:pacman-dev-request@archlinux.org?subject=unsubscribe> List-Archive: <https://lists.archlinux.org/pipermail/pacman-dev/> List-Post: <mailto:pacman-dev@archlinux.org> List-Help: <mailto:pacman-dev-request@archlinux.org?subject=help> List-Subscribe: <https://lists.archlinux.org/listinfo/pacman-dev>, <mailto:pacman-dev-request@archlinux.org?subject=subscribe> Reply-To: Discussion list for pacman development <pacman-dev@archlinux.org> Cc: Andrew Gregory <andrew.gregory.8@gmail.com> Errors-To: pacman-dev-bounces@archlinux.org Sender: "pacman-dev" <pacman-dev-bounces@archlinux.org> X-UID: 398 Status: X-Keywords: Content-Length: 764 |
| Series |
[pacman-dev,1/5] alpm_unlock: check handle before dereferencing
|
expand
|
diff --git a/src/pacman/query.c b/src/pacman/query.c index 119764bc..247423fa 100644 --- a/src/pacman/query.c +++ b/src/pacman/query.c @@ -205,6 +205,7 @@ static int query_fileowner(alpm_list_t *targets) size_t rlen = strlen(rpath); if(rlen + 2 >= PATH_MAX) { pm_printf(ALPM_LOG_ERROR, _("path too long: %s/\n"), rpath); + goto targcleanup; } strcat(rpath + rlen, "/"); }
Copying a string into a buffer that has just been determined to not be able to hold it is obviously incorrect. The actual error handling appears to have been unintentionally removed in 47762ab687959e48acc2de8592fcf3ba3cfa502b. Signed-off-by: Andrew Gregory <andrew.gregory.8@gmail.com> --- src/pacman/query.c | 1 + 1 file changed, 1 insertion(+)