From ad0bd3c9c4ddf41e84857a90fc168e6e7469d370 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Sat, 2 Apr 2005 06:39:37 +0000 Subject: [PATCH] * src/xheader.c (decode_record): Don't dump core when given a corrupted extended header. --- ChangeLog | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ChangeLog b/ChangeLog index 2f1ba59..9500b2a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,16 @@ +2005-04-02 Paul Eggert + + * src/xheader.c (decode_record): Don't dump core when given + a corrupted extended header. Problem reported by Jim Meyering. + Also, check for other ways that the header might be invalid, + e.g., missing newline at end. Do not allow keys with nulls. + Allow blanks before and after length, as POSIX requires. + Do not allow leading "-" in length. Check for length overflow. + (xheader_decode, xheader_decode_global): Let decode_record + check for exhaustion of record. + (xheader_read): Null-terminate the extended record; + decode_record relies on this. + 2005-03-21 Paul Eggert * bootstrap (TP_URL): Change from -- 2.45.2