[packages/rpm.git] / rpm-CVE-2014-8118.patch

--- rpm-5.4.15/rpmio/cpio.c.orig	2012-04-16 05:21:22.000000000 +0200
+++ rpm-5.4.15/rpmio/cpio.c	2015-01-25 15:50:23.017311712 +0100
@@ -136,7 +136,7 @@
     /*@=shiftimplementation@*/
 
     GET_NUM_FIELD(hdr->namesize, nb);
-    if (nb >= iosm->wrsize)
+    if (nb <= 0 || nb >= iosm->wrsize)
 	return IOSMERR_BAD_HEADER;
 
     /* Read file name. */
Commit	Line	Data
8dc5e023 JR	1	--- rpm-5.4.15/rpmio/cpio.c.orig 2012-04-16 05:21:22.000000000 +0200
	2	+++ rpm-5.4.15/rpmio/cpio.c 2015-01-25 15:50:23.017311712 +0100
	3	@@ -136,7 +136,7 @@
	4	/@=shiftimplementation@/
	5
	6	GET_NUM_FIELD(hdr->namesize, nb);
	7	- if (nb >= iosm->wrsize)
	8	+ if (nb <= 0 \|\| nb >= iosm->wrsize)
	9	return IOSMERR_BAD_HEADER;
	10
	11	/* Read file name. */