Skip to content

Commit

Permalink
bb11946 - check that tar checksum is within bounds. Patch supplied by…
Browse files Browse the repository at this point in the history 
… Suleman Ali.
  • Loading branch information
@steve-morgan
steve-morgan committed Oct 27, 2017
1 parent 7732667 commit 292d687
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions libclamav/untar.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,6 +182,9 @@ cli_untar(const char *dir, unsigned int posix, cli_ctx *ctx)
if((ret=cli_checklimits("cli_untar", ctx, 0, 0, 0))!=CL_CLEAN)
return ret;

if (nread < TARCHECKSUMOFFSET + TARCHECKSUMLEN)
return ret;

checksum = getchecksum(block);
cli_dbgmsg("cli_untar: Candidate checksum = %d, [%o in octal]\n", checksum, checksum);
if(testchecksum(block, checksum) != 0) {
Expand Down

0 comments on commit 292d687

Please sign in to comment.