[Reproducible-commits] [dpkg] 15/18: dpkg-deb: Fix off-by-one write access on versionbuf variable
Holger Levsen
holger at layer-acht.org
Tue May 3 08:44:23 UTC 2016
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to annotated tag 1.17.26
in repository dpkg.
commit 33982c80d720689586b43c50e56ad018783080e2
Author: Guillem Jover <guillem at debian.org>
Date: Sun Sep 6 21:25:00 2015 +0200
dpkg-deb: Fix off-by-one write access on versionbuf variable
Cherry picked from commit e65aa3db04eb908c9507d5d356a95cedb890814d.
Closes: #798324
Warned-by: afl
Reported-by: Jacek Wielemborek <d33tah at gmail.com>
---
debian/changelog | 4 ++++
dpkg-deb/extract.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index 636048d..a8bea7b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
dpkg (1.17.26) UNRELEASED; urgency=low
+ [ Guillem Jover ]
+ * Fix an off-by-one write access in dpkg-deb when parsing the .deb magic.
+ Reported by Jacek Wielemborek <d33tah at gmail.com>. Closes: #798324
+
[ Updated programs translations ]
* Catalan (Jordi Mallach).
* Turkish (Mert Dirik). Closes: #785095
diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c
index 2c92940..5c4c220 100644
--- a/dpkg-deb/extract.c
+++ b/dpkg-deb/extract.c
@@ -130,7 +130,7 @@ extracthalf(const char *debar, const char *dir,
if (fstat(arfd, &stab))
ohshite(_("failed to fstat archive"));
- r = read_line(arfd, versionbuf, strlen(DPKG_AR_MAGIC), sizeof(versionbuf));
+ r = read_line(arfd, versionbuf, strlen(DPKG_AR_MAGIC), sizeof(versionbuf) - 1);
if (r < 0)
read_fail(r, debar, _("archive magic version number"));
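Review bot: The `- 1` on the `+` line fixes the bound at this one call site and leaves the reason implicit: nothing in `read_line(arfd, versionbuf, strlen(DPKG_AR_MAGIC), sizeof(versionbuf) - 1)` tells a reader that one byte of versionbuf has to stay free. Going by the commit message (an off-by-one write on versionbuf), read_line() appears to store one byte past the maximum size it is given, presumably a terminator. I would either add a short comment here stating that, or have read_line() accept the full buffer size and reserve that byte itself so callers cannot get it wrong. Any other read_line() caller that passes a bare sizeof(buf) as the last argument deserves the same check. Since the report came from afl, a regression test using a .deb whose magic line is long enough to fill versionbuf would keep this from coming back.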
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git