From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 6 Oct 2023 15:00:25 +0000 (+0000)
Subject: archive: read: Limit the maximum number of symlinks to follow
X-Git-Tag: 0.9.30~1528
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=587f8f69dcadf296a61e14d109186c5aaf951109;p=pakfire.git

archive: read: Limit the maximum number of symlinks to follow

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/libpakfire/archive.c b/src/libpakfire/archive.c
index 85c5c228b..00a90a961 100644
--- a/src/libpakfire/archive.c
+++ b/src/libpakfire/archive.c
@@ -53,6 +53,9 @@
 
 #define MAX_SCRIPTLETS 9
 
+// The maximum number of symlinks to follow when reading a file from an archive
+#define MAX_FOLLOW_SYMLINKS 10
+
 struct pakfire_archive {
 	struct pakfire* pakfire;
 	int nrefs;
@@ -585,6 +588,9 @@ struct pakfire_archive_read_cookie {
 
 	// Some flags
 	int flags;
+
+	// Count how many symlinks we have followed
+	unsigned int followed_symlinks;
 };
 
 static ssize_t __pakfire_archive_cookie_read(void* c, char* buffer, size_t size) {
@@ -648,6 +654,12 @@ static int __pakfire_archive_read_filter(struct pakfire* pakfire, struct archive
 			if (r)
 				return PAKFIRE_WALK_ERROR;
 
+			// Increment counter
+			if (++cookie->followed_symlinks >= MAX_FOLLOW_SYMLINKS) {
+				ERROR(pakfire, "Reached maximum number of symlinks to follow\n");
+				return PAKFIRE_WALK_ERROR;
+			}
+
 			return PAKFIRE_WALK_AGAIN;
 		}