From c11084bcc2d7d9976570a12263b81d2488066115 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Sat, 26 Jul 2025 00:27:01 -0700 Subject: [PATCH] Avoid undefined behavior in magic checking * src/buffer.c (check_compressed_archive): * src/list.c (read_header, decode_header): Use memcmp, not strcmp, when looking for magic strings in headers, since input headers are not guaranteed to be strings and strcmp has undefined behavior otherwise. --- src/buffer.c | 9 +++++---- src/list.c | 8 ++++---- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/src/buffer.c b/src/buffer.c index 1165186a..e0d415c3 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -419,10 +419,11 @@ check_compressed_archive (bool *pshort) read_full_records = sfr; if (record_start != record_end /* no files smaller than BLOCKSIZE */ - && (strcmp (record_start->header.magic, TMAGIC) == 0 - || strcmp (record_start->buffer + offsetof (struct posix_header, - magic), - OLDGNU_MAGIC) == 0) + && (memcmp (record_start->header.magic, TMAGIC, sizeof TMAGIC) == 0 + || (memcmp (record_start->buffer + offsetof (struct posix_header, + magic), + OLDGNU_MAGIC, sizeof OLDGNU_MAGIC) + == 0)) && tar_checksum (record_start, true) == HEADER_SUCCESS) /* Probably a valid header */ return ct_tar; diff --git a/src/list.c b/src/list.c index 8e807141..822c12dd 100644 --- a/src/list.c +++ b/src/list.c @@ -542,7 +542,7 @@ read_header (union block **return_block, struct tar_stat_info *info, section 10.1.1. */ char *np = namebuf; - if (h->prefix[0] && strcmp (h->magic, TMAGIC) == 0) + if (h->prefix[0] && memcmp (h->magic, TMAGIC, sizeof TMAGIC) == 0) { memcpy (np, h->prefix, sizeof h->prefix); np[sizeof h->prefix] = '\0'; @@ -613,7 +613,7 @@ decode_header (union block *header, struct tar_stat_info *stat_info, bool hbits; mode_t mode = MODE_FROM_HEADER (header->header.mode, &hbits); - if (strcmp (header->header.magic, TMAGIC) == 0) + if (memcmp (header->header.magic, TMAGIC, sizeof TMAGIC) == 0) { if (header->star_header.prefix[130] == 0 && is_octal_digit (header->star_header.atime[0]) @@ -626,8 +626,8 @@ decode_header (union block *header, struct tar_stat_info *stat_info, else format = USTAR_FORMAT; } - else if (strcmp (header->buffer + offsetof (struct posix_header, magic), - OLDGNU_MAGIC) + else if (memcmp (header->buffer + offsetof (struct posix_header, magic), + OLDGNU_MAGIC, sizeof OLDGNU_MAGIC) == 0) format = hbits ? OLDGNU_FORMAT : GNU_FORMAT; else -- 2.47.2