Re: [pacman-dev] [PATCH] Prevent stack overflow on symbolic link access.

2016-06-05 Thread Andrew Gregory
On 06/04/16 at 12:58pm, Tobias Stoeckmann wrote: > On Sat, Jun 04, 2016 at 05:29:55PM +1000, Allan McRae wrote: > > I get this warning when building: > > > > check.c: In function ‘check_file_link’: > > check.c:133:16: error: unused parameter ‘st’ [-Werror=unused-parameter] > >struct stat *st,

Re: [pacman-dev] [PATCH] Release resources on error paths.

2016-06-05 Thread Andrew Gregory
On 06/05/16 at 07:51pm, Tobias Stoeckmann wrote: > Some resources (memory or file descriptors) are not released on all > error paths. > > Signed-off-by: Tobias Stoeckmann > --- > Yes it's rather ironic to send this patch after forgetting one on > my own just now. ;) > ---

Re: [pacman-dev] [PATCH] Always use proper error code in alpm_initialize.

2016-06-05 Thread Andrew Gregory
On 06/05/16 at 07:23pm, Tobias Stoeckmann wrote: > In out of memory conditions, an undefined error value is written > into *err, because myerr is never explicitly set in these cases. > > I have also converted a calloc into a MALLOC call, because the memory > will be properly filled by the

Re: [pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

2016-06-05 Thread Andrew Gregory
On 06/05/16 at 07:49pm, Tobias Stoeckmann wrote: > Signature files larger than INT_MAX are already suspicious, > but if they are larger than SIZE_MAX, this code couldn't even > copy them into memory, accepting them as "blank" files at worst. > > While adding the INT_MAX check, I also rearranged

[pacman-dev] [PATCH] Release resources on error paths.

2016-06-05 Thread Tobias Stoeckmann
Some resources (memory or file descriptors) are not released on all error paths. Signed-off-by: Tobias Stoeckmann --- Yes it's rather ironic to send this patch after forgetting one on my own just now. ;) --- lib/libalpm/add.c| 5 - lib/libalpm/backup.c |

Re: [pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

2016-06-05 Thread Tobias Stoeckmann
Signature files larger than INT_MAX are already suspicious, but if they are larger than SIZE_MAX, this code couldn't even copy them into memory, accepting them as "blank" files at worst. While adding the INT_MAX check, I also rearranged the code to avoid a quite harmless TOCTOU race condition

Re: [pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

2016-06-05 Thread Florian Pritz
On 05.06.2016 19:37, Tobias Stoeckmann wrote: > diff --git a/lib/libalpm/be_package.c b/lib/libalpm/be_package.c > index c9ed770..055fb1e 100644 > --- a/lib/libalpm/be_package.c > +++ b/lib/libalpm/be_package.c > @@ -700,17 +700,16 @@ static int read_sigfile(const char *sigpath, unsigned > char

[pacman-dev] [PATCH] Reject files larger than INT_MAX in read_sigfile.

2016-06-05 Thread Tobias Stoeckmann
Signature files larger than INT_MAX are already suspicious, but if they are larger than SIZE_MAX, this code couldn't even copy them into memory, accepting them as "blank" files at worst. While adding the INT_MAX check, I also rearranged the code to avoid a quite harmless TOCTOU race condition

[pacman-dev] [PATCH] Always use proper error code in alpm_initialize.

2016-06-05 Thread Tobias Stoeckmann
In out of memory conditions, an undefined error value is written into *err, because myerr is never explicitly set in these cases. I have also converted a calloc into a MALLOC call, because the memory will be properly filled by the snprintf call right after it. Signed-off-by: Tobias Stoeckmann