From: Michael Schroeder <mls@suse.de>
Date: Thu, 3 Mar 2022 14:43:05 +0000 (+0100)
Subject: Do not silently ignore the userdata if it is too big
X-Git-Tag: 0.7.22~8
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5cfb27db4421c40d3dba68b18082ac0878fe42c2;p=thirdparty%2Flibsolv.git

Do not silently ignore the userdata if it is too big

Instead error out when writing the solv file.
---

diff --git a/src/repo_write.c b/src/repo_write.c
index b3a6bbcb..a73eebff 100644
--- a/src/repo_write.c
+++ b/src/repo_write.c
@@ -1179,9 +1179,9 @@ repowriter_set_userdata(Repowriter *writer, const void *data, int len)
 {
   writer->userdata = solv_free(writer->userdata);
   writer->userdatalen = 0;
-  if (len < 0 || len >= 65536)
+  if (len <= 0)
     return;
-  writer->userdata = len ? solv_memdup(data, len) : 0;
+  writer->userdata = solv_memdup(data, len);
   writer->userdatalen = len;
 }
 
@@ -1249,6 +1249,9 @@ repowriter_write(Repowriter *writer, FILE *fp)
 
   Id type_constantid = 0;
 
+  /* sanity checks */
+  if (writer->userdatalen < 0 || writer->userdatalen >= 65536)
+    return pool_error(pool, -1, "illegal userdata length: %d", writer->userdatalen);
 
   memset(&cbdata, 0, sizeof(cbdata));
   cbdata.pool = pool;