From 5cfb27db4421c40d3dba68b18082ac0878fe42c2 Mon Sep 17 00:00:00 2001
From: Michael Schroeder <mls@suse.de>
Date: Thu, 3 Mar 2022 15:43:05 +0100
Subject: [PATCH] Do not silently ignore the userdata if it is too big

Instead error out when writing the solv file.
---
 src/repo_write.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/repo_write.c b/src/repo_write.c
index b3a6bbcb..a73eebff 100644
--- a/src/repo_write.c
+++ b/src/repo_write.c
@@ -1179,9 +1179,9 @@ repowriter_set_userdata(Repowriter *writer, const void *data, int len)
 {
   writer->userdata = solv_free(writer->userdata);
   writer->userdatalen = 0;
-  if (len < 0 || len >= 65536)
+  if (len <= 0)
     return;
-  writer->userdata = len ? solv_memdup(data, len) : 0;
+  writer->userdata = solv_memdup(data, len);
   writer->userdatalen = len;
 }
 
@@ -1249,6 +1249,9 @@ repowriter_write(Repowriter *writer, FILE *fp)
 
   Id type_constantid = 0;
 
+  /* sanity checks */
+  if (writer->userdatalen < 0 || writer->userdatalen >= 65536)
+    return pool_error(pool, -1, "illegal userdata length: %d", writer->userdatalen);
 
   memset(&cbdata, 0, sizeof(cbdata));
   cbdata.pool = pool;
-- 
2.47.2