tar: tighten up pax header validity check

function                                             old     new   delta
get_header_tar                                      1785    1795     +10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2014-01-10 18:02:38 +01:00
parent 604b7b6cc0
commit 0f592d7fb9

View File

@ -115,7 +115,9 @@ static void process_pax_hdr(archive_handle_t *archive_handle, unsigned sz, int g
*/
p += len;
sz -= len;
if ((int)sz < 0
if (
/** (int)sz < 0 - not good enough for huge malicious VALUE of 2^32-1 */
(int)(sz|len) < 0 /* this works */
|| len == 0
|| errno != EINVAL
|| *end != ' '