File cpionamesize.diff of Package rpm.2971
--- ./lib/cpio.c.orig 2014-12-11 14:51:11.149327450 +0000
+++ ./lib/cpio.c 2014-12-11 14:53:21.493772955 +0000
@@ -296,6 +296,8 @@ int rpmcpioHeaderRead(rpmcpio_t cpio, ch
st->st_rdev = makedev(major, minor);
GET_NUM_FIELD(hdr.namesize, nameSize);
+ if (nameSize <= 0 || nameSize > 4096)
+ return CPIOERR_BAD_HEADER;
*path = xmalloc(nameSize + 1);
read = Fread(*path, nameSize, 1, cpio->fd);
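Review bot: The upper bound `4096` in the added `nameSize` check is a bare literal with no comment, so a reader cannot tell whether it is meant to track PATH_MAX or is an arbitrary cap. Nothing states that this check is what keeps the header-supplied length from sizing `xmalloc(nameSize + 1)` and the `Fread` below with an out-of-range value. I would name and document it, for example `#define CPIO_NAMESIZE_MAX 4096 /* cap on the name length taken from the archive header */` and `if (nameSize <= 0 || nameSize > CPIO_NAMESIZE_MAX)`. The `<= 0` half rejects wrapped values only if `nameSize` is a signed type; its declaration is outside the hunk, so that is worth confirming, although the upper-bound test catches large values either way. rpmcpioHeaderRead starts and ends outside this hunk.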