sar: Check min size of sa data file header

The size of an sa data file header may be greater than expected (should
we read a data file from eg. a future sysstat version), but it cannot be
smaller than current version's header size (else we wouldn't be able to
interpret the header contents).

In relation with CID #29719.

Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>

diff --git a/sa_common.c b/sa_common.c
index b7351d92b1d7f7843f92e8b2ade91426b3a8547e..636fcf458b81078ac7f31da825e8df92fc3dffad 100644 (file)
--- a/sa_common.c
+++ b/sa_common.c
@@ -1284,7 +1284,8 @@ int sa_open_read_magic(int *fd, char *dfile, struct file_magic *file_magic,
        if ((n != FILE_MAGIC_SIZE) ||
            (file_magic->sysstat_magic != SYSSTAT_MAGIC) ||
            ((file_magic->format_magic != FORMAT_MAGIC) && !ignore) ||
-           (file_magic->header_size > MAX_FILE_HEADER_SIZE)) {
+           (file_magic->header_size > MAX_FILE_HEADER_SIZE) ||
+           (file_magic->header_size < FILE_HEADER_SIZE)) {
                /* Display error message and exit */
                handle_invalid_sa_file(fd, file_magic, dfile, n);
        }
@@ -1334,7 +1335,11 @@ void check_file_actlst(int *ifd, char *dfile, struct activity *act[],
 
        /* Read sa data file standard header and allocate activity list */
        sa_fread(*ifd, buffer, file_magic->header_size, HARD_SIZE);
-       memcpy(file_hdr, buffer, MINIMUM(file_magic->header_size, FILE_HEADER_SIZE));
+       /*
+        * Data file header size may be greater than FILE_HEADER_SIZE, but
+        * anyway only the first FILE_HEADER_SIZE bytes can be interpreted.
+        */
+       memcpy(file_hdr, buffer, FILE_HEADER_SIZE);
        free(buffer);
 
        /*