-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | THANKS | 1 | ||||
-rw-r--r-- | debian/changelog | 1 | ||||
-rw-r--r-- | utils/md5sum.c | 14 |
4 files changed, 19 insertions, 1 deletions
@@ -1,3 +1,7 @@ +Mon Mar 8 19:02:25 GMT 2004 Andrew Suffield <asuffield@debian.org> + + * utils/md5sum.c: Check the bounds of the line before processing. + Mon Mar 8 18:55:13 GMT 2004 Brian M. Carlson <sandals@crustytoothpaste.ath.cx> * utils/md5sum.c: Don't print offending lines as they may not be NULL @@ -1,6 +1,7 @@ Adam Heath <doogie@debian.org> Alberto Garcia <berto@gpul.org> Andrew Hobson <ahobson@eng.mindspring.net> +Andrew Suffield <asuffield@debian.org> Ben Collins <bcollins@debian.org> Branko Lankester Brian M. Carlson <sandals@crustytoothpaste.ath.cx> diff --git a/debian/changelog b/debian/changelog index 9831b7c97..d684abcae 100644 --- a/debian/changelog +++ b/debian/changelog @@ -11,6 +11,7 @@ dpkg (1.10.19) unstable; urgency=low * Update support for Debian FreeBSD. Closes: #211566. * Store Architecture in the status file. Closes: #228253. * Don't print offending lines in md5sum. Closes: #170953. + * Check bounds of md5sum lines. Closes: #168443, #199489, #199693. -- Scott James Remnant <scott@netsplit.com> UNRELEASED diff --git a/utils/md5sum.c b/utils/md5sum.c index dc55a98a7..f84634caf 100644 --- a/utils/md5sum.c +++ b/utils/md5sum.c @@ -223,6 +223,14 @@ get_md5_line(FILE *fp, unsigned char *digest, char *file) if (fgets(buf, sizeof(buf), fp) == NULL) return -1; + /* A line must have: a digest (32), a separator (2), and a + * filename (at least 1) + * + * That means it must be at least 35 characters long. + */ + if (strlen(buf) < 35) + return 0; + memcpy(digest, p, 32); p += 32; if (*p++ != ' ') @@ -246,7 +254,11 @@ get_md5_line(FILE *fp, unsigned char *digest, char *file) i = strlen(p); if (i < 2 || i > 255) return 0; - p[i-1] = '\0'; + + /* Strip the trailing newline, if present */ + if (p[i-1] == '\n') + p[i-1] = '\0'; + strcpy(file, p); return rc; } |
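Review bot: The new length guard in the `@@ -223` hunk of utils/md5sum.c measures `buf`, while `memcpy(digest, p, 32)` and the separator reads that follow go through `p`. `p` is initialised outside this hunk, so the guard only bounds those reads if `p` still equals `buf` at this point; that is worth confirming, or the test could be written as `if (strlen(p) < 35)`. The comment's arithmetic also leaves out the newline that `fgets` keeps: a line made of digest, separator and newline with no filename is exactly 35 characters and passes, so rejecting an empty name appears to be left to the later `i < 2` test. I would say so in the comment, e.g. `* The count includes the trailing newline; an empty filename is rejected further down.`, and give the 32 and 35 names instead of literals. get_md5_line starts and ends outside this hunk.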
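Review bot: Making the newline strip conditional in the `@@ -246` hunk raises the largest name that can reach `strcpy(file, p)` by one byte. The `i > 255` test runs before the strip, so a last line with no newline can now copy 255 characters plus the terminator (256 bytes), where the old unconditional strip capped it at 254 plus the terminator. Whether that fits depends on the size of the caller's `file` buffer, which is declared outside this hunk and is not passed in. I would shorten `i` when stripping (`if (p[i-1] == '\n') p[--i] = '\0';`), move the length test after it, and compare against the real destination size rather than the literal 255. The `i < 2` test also still assumes a newline is present, so a one-character filename on an unterminated last line is rejected.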