1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-23 11:18:54 +00:00
freebsd/usr.bin/gzip
Xin LI c1c4677aec When reading in the original file name from gzip header, we read
in PATH_MAX + 1 bytes from the file.  In r281500, strrchr() is
used to strip possible path portion of the file name to mitigate
a possible attack.  Unfortunately, strrchr() expects a buffer
that is NUL-terminated, and since we are processing potentially
untrusted data, we can not assert that be always true.

Solve this by reading in one less byte (now PATH_MAX) and
explicitly terminate the buffer after the read size with NUL.

Reported by:	Coverity
CID:		1264915
X-MFC-with:	281500
MFC after:	13 days
2015-04-15 00:07:21 +00:00
..
tests Integrate usr.bin/gzip/tests from NetBSD into atf/kyua 2014-10-09 02:24:34 +00:00
gzexe
gzexe.1
gzip.1 Sync with NetBSD: 2015-04-13 19:46:30 +00:00
gzip.c When reading in the original file name from gzip header, we read 2015-04-15 00:07:21 +00:00
Makefile Convert to usr.bin/ to LIBADD 2014-11-25 14:29:10 +00:00
unbzip2.c Diff reduction against NetBSD and add myself to AUTHORS section of the 2010-04-07 22:54:53 +00:00
unpack.c Correct some typos in comments, no functional changes. 2010-10-16 15:24:04 +00:00
unxz.c According to the NetBSD foundation [1]: 2011-10-16 07:35:26 +00:00
zdiff Diff reduction against NetBSD. The most notable change is to zdiff(1) to 2011-05-23 09:02:44 +00:00
zdiff.1 Diff reduction against NetBSD. The most notable change is to zdiff(1) to 2011-05-23 09:02:44 +00:00
zforce
zforce.1
zmore Sync with NetBSD. 2014-10-23 01:22:29 +00:00
zmore.1 Sync with NetBSD. 2014-10-23 01:22:29 +00:00
znew Reflect the fact that we actually have NetBSD revision 1.3. 2008-06-30 23:53:15 +00:00
znew.1
zuncompress.c Correct buffer size. 2014-06-26 00:31:58 +00:00