From 17ba65b8b65cf1c8790b0a32a12e510134285cef Mon Sep 17 00:00:00 2001
From: Thomas Schmitt <scdbackup@gmx.net>
Date: Thu, 12 Nov 2015 12:34:01 +0000
Subject: [PATCH] Protected output -find -exec list_extattr from potential
 overflow. Coverity CID 28780.

---
 xorriso/iso_tree.c          | 14 +++++++++++++-
 xorriso/xorriso_timestamp.h |  2 +-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/xorriso/iso_tree.c b/xorriso/iso_tree.c
index dec0fef1..54cceeaf 100644
--- a/xorriso/iso_tree.c
+++ b/xorriso/iso_tree.c
@@ -894,11 +894,12 @@ int Xorriso_append_extattr_comp(struct XorrisO *xorriso,
                                 char *comp, size_t comp_len,
                                 char *mode, int flag)
 {
- int ret;
+ int ret, line_limit;
  char *line, *wpt, *bsl = NULL;
  unsigned char *upt, *uval;
 
  line= xorriso->result_line;
+ line_limit= sizeof(xorriso->result_line);
  uval= (unsigned char *) comp;
 
  if(*mode == 'q') {
@@ -913,6 +914,8 @@ int Xorriso_append_extattr_comp(struct XorrisO *xorriso,
        strcat(line, "\"$(echo -e '");
      wpt= line + strlen(line);
      for(upt= uval; (size_t) (upt - uval) < comp_len; upt++) {
+       if(wpt - line + 5 + 3 + 1 > line_limit) /* "\\0xyz" + "')\"" + 0 */
+         goto too_much;
        if(*upt <= 037 || *upt >= 0177 || *upt == '\\' || *upt == '\'') {
          if(flag & 1)
            *(wpt++)= '\\';
@@ -932,10 +935,14 @@ int Xorriso_append_extattr_comp(struct XorrisO *xorriso,
    ret= Sfile_bsl_encoder(&bsl, comp, comp_len, 8);
    if(ret <= 0) 
      {ret= -1; goto ex;}
+   if(strlen(line) + strlen(bsl) + 1 > line_limit)
+     goto too_much;
    strcat(line, bsl);
    free(bsl);
    bsl= NULL;
  } else if(*mode == 'r') {
+   if(strlen(line) + strlen(comp) + 1 > line_limit)
+     goto too_much;
    strcat(line, comp);
  }
  ret= 1;
@@ -943,6 +950,11 @@ ex:;
  if(bsl != NULL)
    free(bsl);
  return(ret);
+too_much:;
+ Xorriso_msgs_submit(xorriso, 0, "Oversized BSD-style file attribute",
+                     0, "FAILURE", 0);
+ ret= -1;
+ goto ex;
 }
 
 
diff --git a/xorriso/xorriso_timestamp.h b/xorriso/xorriso_timestamp.h
index 85141d2f..766a244f 100644
--- a/xorriso/xorriso_timestamp.h
+++ b/xorriso/xorriso_timestamp.h
@@ -1 +1 @@
-#define Xorriso_timestamP "2015.11.11.192609"
+#define Xorriso_timestamP "2015.11.12.123345"