commit fdba86b87f7644af81e57923f0b4e4f6e03dedfa
parent dde0b08c0386115d4b11bd3654be8cecae2e1bf9
Author: Roberto E. Vargas Caballero <k0ga@shike2.com>
Date: Fri, 24 Nov 2017 17:01:34 +0000
[nm] Improve member skipping in ar()
The condition to calculate the position in ar() was wrong
and it was possible to fire an integer overflow.
Diffstat:
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/nm/main.c b/nm/main.c
@@ -94,8 +94,17 @@ ar(char *fname, FILE *fp)
long pos;
while (rdarhdr(fp, &hdr) != EOF) {
- if ((pos = ftell(fp)) & 1)
+ pos = ftell(fp);
+ if (pos > LONG_MAX - hdr.size) {
+ fprintf(stderr,
+ "nm: %s: overflow in size of archive\n",
+ fname);
+ return;
+ }
+ pos += hdr.size;
+ if (hdr.size & 1)
++pos;
+
if (myrofile(fname, fp)) {
nm(fname, hdr.name, fp);
} else {
