[hackers] [sbase][PATCH v3] tar: sanitize, chktar: leading spaces should be skipped over

From: Elie Le Vaillant <eolien55_AT_disroot.org>
Date: Sun, 11 Feb 2024 09:26:14 +0100

Some tar archives (eg. ftp://ftp.gnu.org/gnu/shtool/shtool-2.0.8.tar.gz)
use leading spaces instead of leading zeroes for numeric fields.
Although it is not allowed by the ustar specification, most tar
implementations recognize it as correct. But since 3ef6d4e4, we
replace all spaces by NULs here, not just trailing ones, which leads to
recognizing such archives as malformed. This fixes it: we now skip
over leading spaces, allowing strtol(3) to read those numeric fields.

---
 tar.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/tar.c b/tar.c
index d3a9f3b..5f73c26 100644
--- a/tar.c
+++ b/tar.c
_AT_@ -399,10 +399,12 @@ sanitize(struct header *h)
 	/* Numeric fields can be terminated with spaces instead of
 	 * NULs as per the ustar specification.  Patch all of them to
 	 * use NULs so we can perform string operations on them. */
-	for (i = 0; i < LEN(fields); i++)
-		for (j = 0; j < fields[i].l; j++)
+	for (i = 0; i < LEN(fields); i++){
+		for (j = 0; j < fields[i].l && fields[i].f[j] == ' '; j++);
+		for (; j < fields[i].l; j++)
 			if (fields[i].f[j] == ' ')
 				fields[i].f[j] = '\0';
+	}
 }
 
 static void
_AT_@ -421,7 +423,8 @@ chktar(struct header *h)
 		goto bad;
 	}
 	memcpy(tmp, h->chksum, sizeof(tmp));
-	for (i = 0; i < sizeof(tmp); i++)
+	for (i = 0; i < sizeof(tmp), tmp[i] == ' '; i++);
+	for (; i < sizeof(tmp); i++)
 		if (tmp[i] == ' ')
 			tmp[i] = '\0';
 	s1 = strtol(tmp, &err, 8);
-- 
2.43.0

Received on Sun Feb 11 2024 - 09:26:14 CET