Fix segfault when extracting from a multi-volume archive.

Fix suggested by Pavel Raiskup. * src/buffer.c (try_new_volume): Fix dereferencing NULL pointer. * tests/multiv09.at: New testcase. * tests/Makefile.am: Add new testcase. * tests/testsuite.at: Likewise.
2015-12-06 22:02:16 +02:00
parent 5dd490e7f1
commit 0a93c16c62
4 changed files with 58 additions and 2 deletions
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -1493,8 +1493,14 @@ try_new_volume (void)
  if (bufmap_head)
    {
      uintmax_t s;
-      if (!continued_file_name
-          || strcmp (continued_file_name, bufmap_head->file_name))
+      if (!continued_file_name)
+	{
+	  WARN ((0, 0, _("%s is not continued on this volume"),
+		 quote (bufmap_head->file_name)));
+	  return false;
+	}
+      
+      if (strcmp (continued_file_name, bufmap_head->file_name))
        {
          if ((archive_format == GNU_FORMAT || archive_format == OLDGNU_FORMAT)
              && strlen (bufmap_head->file_name) >= NAME_FIELD_SIZE
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -151,6 +151,7 @@ TESTSUITE_AT = \
 multiv06.at\
 multiv07.at\
 multiv08.at\
+ multiv09.at\
 numeric.at\
 old.at\
 onetop01.at\
--- a/tests/multiv09.at
+++ b/tests/multiv09.at
@@ -0,0 +1,48 @@
+# Process this file with autom4te to create testsuite. -*- Autotest -*-
+# Test suite for GNU tar.
+# Copyright 2015 Free Software Foundation, Inc.
+#
+# GNU tar is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GNU tar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+# Description: Tar <=1.28 would segfault extracting from a multi-volume
+# archive containging filenames >= 100 characters if the subsequent volume
+# was not set properly.
+# Reported by: Pavel Raiskup <praiskup@redhat.com>
+# References: https://bugzilla.redhat.com/show_bug.cgi?id=866071,
+#    <1351863945-31192-3-git-send-email-praiskup@redhat.com>,
+#    http://lists.gnu.org/archive/html/bug-tar/2012-11/msg00009.html
+
+AT_SETUP([bad next volume])
+AT_KEYWORDS([multivolume multiv multiv09])
+
+# filename of length 100 characters
+m4_pushdef([FILENAME],[dnl
+m4_for([N],1,100,,[a])])
+
+AT_TAR_CHECK([
+genfile --length 2000000 --file FILENAME
+tar --format=gnu -cM --tape-length 1M -f A.tar -f B.tar FILENAME || exit $?
+echo "created"
+tar --format=gnu -xM -f A.tar 2>/dev/null <<EOF
+y
+q
+EOF
+],
+[2],
+[created
+])
+
+AT_CLEANUP
+
+m4_popdef([FILENAME])
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -361,6 +361,7 @@ m4_include([multiv05.at])
 m4_include([multiv06.at])
 m4_include([multiv07.at])
 m4_include([multiv08.at])
+m4_include([multiv09.at])

 AT_BANNER([Owner and Groups])
 m4_include([owner.at])