
Commit fd7e0c0

committed
Reject cpio symlinks that exceed 1MB
1 parent f48d99b commit fd7e0c0


1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

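--- a/libarchive/archive_read_support_format_cpio.c
+++ b/libarchive/archive_read_support_format_cpio.c
@@ -401,6 +401,11 @@ archive_read_format_cpio_read_header(struct archive_read *a,
 
 /* If this is a symlink, read the link contents. */
 if (archive_entry_filetype(entry) == AE_IFLNK) {
+if (cpio->entry_bytes_remaining > 1024 * 1024) {
+archive_set_error(&a->archive, ENOMEM,
+"Rejecting malformed cpio archive: symlink contents exceed 1 megabyte");
+return (ARCHIVE_FATAL);
+}
 h = __archive_read_ahead(a,
 (size_t)cpio->entry_bytes_remaining, NULL);
 if (h == NULL)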
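Review bot: The new guard in the AE_IFLNK branch bounds `cpio->entry_bytes_remaining` only from above, so if that field is signed (its declaration is outside the hunk) a negative value would pass the check and become a very large length at the `(size_t)` cast in the `__archive_read_ahead` call. Writing the condition as `if (cpio->entry_bytes_remaining < 0 || cpio->entry_bytes_remaining > 1024 * 1024) {` would cover both ends. The error is also reported with `ENOMEM` although the message calls the archive malformed; `ARCHIVE_ERRNO_FILE_FORMAT` would match the message better. A short comment above the check, for example `/* Link target is read ahead in one piece; cap the size taken from the untrusted header. */`, would record why the limit exists. The enclosing function starts and ends outside the hunk.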
