Game of Trees Repos

Commit Diff

Commit:: f392e333e6fe8e8ce5e2ebc285041cbe95236c5e
From:: Stefan Sperling <stsp@stsp.name>
Date:: Mon Dec 24 16:28:20 2018 UTC
Message:: verify total size vs header length in got-read-blob
Actions:: Patch | Tree

commit - b87c6f836d2cb7d597e245c70ea4540cf6a36af4
commit + f392e333e6fe8e8ce5e2ebc285041cbe95236c5e
blob - bcd6bb4ba2b60ed90712b29a2e72129204bee3cb
blob + d795af670c71cbef29833b04357bb80f33c64241
--- libexec/got-read-blob/got-read-blob.c
+++ libexec/got-read-blob/got-read-blob.c
@@ -147,6 +147,11 @@ main(int argc, char *argv[])
 		if (err)
 			goto done;
 
+		if (size < obj->hdrlen) {
+			err = got_error(GOT_ERR_BAD_OBJ_HDR);
+			goto done;
+		}
+
 		err = got_privsep_send_blob(&ibuf, size, obj->hdrlen);
 done:
 		if (f)