From b99bebc008dcf944a88f99bb44ac9029557e4149 Mon Sep 17 00:00:00 2001 From: Dan McGee Date: Sun, 30 Nov 2008 17:17:00 -0600 Subject: Add regex to delta code so we don't segfault when reading line If the delta line doesn't match our regex, we won't go and process it, possibly walking off the end of the string. Signed-off-by: Dan McGee --- lib/libalpm/be_files.c | 5 ++++- lib/libalpm/delta.c | 15 +++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) (limited to 'lib/libalpm') diff --git a/lib/libalpm/be_files.c b/lib/libalpm/be_files.c index 0658a661..b9ff6464 100644 --- a/lib/libalpm/be_files.c +++ b/lib/libalpm/be_files.c @@ -618,7 +618,10 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq) _alpm_strtrim(line); if(strcmp(line, "%DELTAS%") == 0) { while(fgets(line, 512, fp) && strlen(_alpm_strtrim(line))) { - info->deltas = alpm_list_add(info->deltas, _alpm_delta_parse(line)); + pmdelta_t *delta = _alpm_delta_parse(line); + if(delta) { + info->deltas = alpm_list_add(info->deltas, delta); + } } } } diff --git a/lib/libalpm/delta.c b/lib/libalpm/delta.c index 22d9beb4..8dce7e3b 100644 --- a/lib/libalpm/delta.c +++ b/lib/libalpm/delta.c @@ -22,6 +22,8 @@ #include #include #include +#include +#include /* libalpm */ #include "delta.h" @@ -257,6 +259,19 @@ pmdelta_t *_alpm_delta_parse(char *line) { pmdelta_t *delta; char *tmp = line, *tmp2; + regex_t reg; + + regcomp(®, + "^[^[:space:]]* [[:xdigit:]]{32}" + " [^[:space:]]* [[:xdigit:]]{32}" + " [^[:space:]]* [[:xdigit:]]{32} [[:digit:]]*$", + REG_EXTENDED | REG_NOSUB | REG_NEWLINE); + if(regexec(®, line, 0, 0, 0) != 0) { + /* delta line is invalid, return NULL */ + regfree(®); + return(NULL); + } + regfree(®); CALLOC(delta, 1, sizeof(pmdelta_t), RET_ERR(PM_ERR_MEMORY, NULL)); -- cgit v1.2.3-24-g4f1b