summaryrefslogtreecommitdiffstats
path: root/lib/libalpm
diff options
context:
space:
mode:
authorDan McGee <dan@archlinux.org>2008-11-30 17:17:00 -0600
committerDan McGee <dan@archlinux.org>2008-11-30 17:17:00 -0600
commitb99bebc008dcf944a88f99bb44ac9029557e4149 (patch)
treeee1695ff661d08c0f5421afaa83ae0488fa3c777 /lib/libalpm
parenta50b067470a8046dabdff66f6266d2208b2f8372 (diff)
downloadpacman-b99bebc008dcf944a88f99bb44ac9029557e4149.tar.xz
Add regex to delta code so we don't segfault when reading line
If the delta line doesn't match our regex, we won't go and process it, possibly walking off the end of the string. Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'lib/libalpm')
-rw-r--r--lib/libalpm/be_files.c5
-rw-r--r--lib/libalpm/delta.c15
2 files changed, 19 insertions, 1 deletions
diff --git a/lib/libalpm/be_files.c b/lib/libalpm/be_files.c
index 0658a661..b9ff6464 100644
--- a/lib/libalpm/be_files.c
+++ b/lib/libalpm/be_files.c
@@ -618,7 +618,10 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq)
_alpm_strtrim(line);
if(strcmp(line, "%DELTAS%") == 0) {
while(fgets(line, 512, fp) && strlen(_alpm_strtrim(line))) {
- info->deltas = alpm_list_add(info->deltas, _alpm_delta_parse(line));
+ pmdelta_t *delta = _alpm_delta_parse(line);
+ if(delta) {
+ info->deltas = alpm_list_add(info->deltas, delta);
+ }
}
}
}
diff --git a/lib/libalpm/delta.c b/lib/libalpm/delta.c
index 22d9beb4..8dce7e3b 100644
--- a/lib/libalpm/delta.c
+++ b/lib/libalpm/delta.c
@@ -22,6 +22,8 @@
#include <stdlib.h>
#include <string.h>
#include <limits.h>
+#include <sys/types.h>
+#include <regex.h>
/* libalpm */
#include "delta.h"
@@ -257,6 +259,19 @@ pmdelta_t *_alpm_delta_parse(char *line)
{
pmdelta_t *delta;
char *tmp = line, *tmp2;
+ regex_t reg;
+
+ regcomp(&reg,
+ "^[^[:space:]]* [[:xdigit:]]{32}"
+ " [^[:space:]]* [[:xdigit:]]{32}"
+ " [^[:space:]]* [[:xdigit:]]{32} [[:digit:]]*$",
+ REG_EXTENDED | REG_NOSUB | REG_NEWLINE);
+ if(regexec(&reg, line, 0, 0, 0) != 0) {
+ /* delta line is invalid, return NULL */
+ regfree(&reg);
+ return(NULL);
+ }
+ regfree(&reg);
CALLOC(delta, 1, sizeof(pmdelta_t), RET_ERR(PM_ERR_MEMORY, NULL));