cpio-2.4.2 signed-unsigned int disagreement with malloc

bug-gnu-utils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cpio-2.4.2 signed-unsigned int disagreement with malloc

From:	Antonomasia
Subject:	cpio-2.4.2 signed-unsigned int disagreement with malloc
Date:	Mon, 27 Nov 2000 07:05:01 GMT

copyin.c:
534    link_name = (char *) xmalloc ((unsigned int) file_hdr.c_filesize + 1);
535    link_name[file_hdr.c_filesize] = '\0';

file_hdr.c_filesize can be a large negative number as seen here then the
char set to 0 is outside the range obtained.

$  ./cpio -ivt < testfile
./cpio: warning: skipped 13059 bytes of junk
./cpio: warning: archive header has reverse byte-order
./cpio: warning: skipped 3768 bytes of junk
./cpio: warning: skipped 2588 bytes of junk
XXX file_hdr.c_filesize=-795829197
Segmentation fault
address@hidden cpio-2.4.2]$ exit


--
##############################################################
# Antonomasia   address@hidden                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################

[Prev in Thread]

Current Thread

[Next in Thread]

cpio-2.4.2 signed-unsigned int disagreement with malloc, Antonomasia <=

Prev by Date: If yer lookin for a good pay site go here !!!!
Next by Date: patch 2.5.4 and the evolution of leading garbage handling
Previous by thread: If yer lookin for a good pay site go here !!!!
Next by thread: patch 2.5.4 and the evolution of leading garbage handling
Index(es):
- Date
- Thread