Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/lib/libalpm/pkghash.c
diff options
context:
space:
mode:
authorTobias Stoeckmann <tobias@stoeckmann.org>2016-06-18 18:41:07 +0200
committerAndrew Gregory <andrew.gregory.8@gmail.com>2017-05-08 23:27:41 -0400
commit3218360114d0e3a3a965feb2f6fd3f4e2da8c8a0 (patch)
tree620ecf9a078da881f2e954c5f1566a87276fb5f0 /lib/libalpm/pkghash.c
parent8abb0cbf0e76bc9e59aa58b368ca11a2f0c189f2 (diff)
Reject files larger than 16384 bytes in read_sigfile.
If signature files are larger than SIZE_MAX, not enough memory could be allocated for this file. The script repo-add rejects files which are larger than 16384 bytes, therefore handle these as errors here, too. While at it, I also rearranged the code to avoid a quite harmless TOCTOU race condition between stat() and fopen(). Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> Signed-off-by: Allan McRae <allan@archlinux.org> (cherry picked from commit 5fcd60e2641c9293c2783aad509baf217e77aa6f)
Diffstat (limited to 'lib/libalpm/pkghash.c')
0 files changed, 0 insertions, 0 deletions