| commit | 5356621172d669d8f62e7e746a6c7a11345aec4e | |
| author | Guillem Jover <guillem@debian.org> | |
| Tue, 3 Jan 2023 22:29:05 +0000 (3 23:29 +0100) | ||
| committer | Guillem Jover <guillem@debian.org> | |
| Tue, 3 Jan 2023 22:38:08 +0000 (3 23:38 +0100) | ||
| tree | 4b177e5a6d0e2d1faa73ca3eb9b597a384496fd7 | treesnapshot (tar.gz zip) |
| parent | 012e394e0212f6996fdefa00df47d972ad25d2d2 | commitdiff |
dpkg-deb: Fix buffer overflow on long directory names with old deb formats
The handling for deb 0.x formats that relocates files around once
extracted was using a buffer with a hardcoded size, not taking into
account the length of the directory which would overflow it.
Switch to use a dynamically allocated buffer to handle any destination
directory length.
Reported-by: Georgy Yakovlev <gyakovlev@gentoo.org>
The handling for deb 0.x formats that relocates files around once
extracted was using a buffer with a hardcoded size, not taking into
account the length of the directory which would overflow it.
Switch to use a dynamically allocated buffer to handle any destination
directory length.
Reported-by: Georgy Yakovlev <gyakovlev@gentoo.org>
| src/deb/extract.c | diffblobblamehistory |