From: Paul Eggert Date: Sat, 2 Apr 2005 06:39:37 +0000 (+0000) Subject: * src/xheader.c (decode_record): Don't dump core when given X-Git-Url: https://git.brokenzipper.com/gitweb?a=commitdiff_plain;h=ad0bd3c9c4ddf41e84857a90fc168e6e7469d370;p=chaz%2Ftar * src/xheader.c (decode_record): Don't dump core when given a corrupted extended header. --- diff --git a/ChangeLog b/ChangeLog index 2f1ba59..9500b2a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,16 @@ +2005-04-02 Paul Eggert + + * src/xheader.c (decode_record): Don't dump core when given + a corrupted extended header. Problem reported by Jim Meyering. + Also, check for other ways that the header might be invalid, + e.g., missing newline at end. Do not allow keys with nulls. + Allow blanks before and after length, as POSIX requires. + Do not allow leading "-" in length. Check for length overflow. + (xheader_decode, xheader_decode_global): Let decode_record + check for exhaustion of record. + (xheader_read): Null-terminate the extended record; + decode_record relies on this. + 2005-03-21 Paul Eggert * bootstrap (TP_URL): Change from