From: Sebastien GODARD Date: Sun, 11 Feb 2018 10:43:20 +0000 (+0100) Subject: sar/sadf: Add checks on file's header size read from file X-Git-Tag: v11.7.2~5 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=84300ccbd6598ea4e0cde6a97c0bb22a11eb953c;p=sysstat sar/sadf: Add checks on file's header size read from file sa_open_read_magic() reads file's magic structure and in particular the size of the header structure to come. header_size field in file_magic structure exists only with versions 10.3.1 and later. So checking bounds for header_size is done only for those versions, based on the values of sysstat_version and sysstat_patchlevel. With a corrupted datafile (i.e. a file having the right FORMAT_MAGIC value but values corresponding to older sysstat versions in sysstat_version and sysstat_patchlevel), the test is not done. So do it again in check_file_actlst() function. Signed-off-by: Sebastien GODARD --- diff --git a/sa_common.c b/sa_common.c index 566c242..de0a456 100644 --- a/sa_common.c +++ b/sa_common.c @@ -1605,7 +1605,15 @@ void check_file_actlst(int *ifd, char *dfile, struct activity *act[], */ return; - /* We know now that we have a *compatible* sysstat datafile format */ + /* + * We know now that we have a *compatible* sysstat datafile format + * (correct FORMAT_MAGIC value), and in this case, we should have + * checked header_size value. Anyway, with a corrupted datafile, + * this may not be the case. So check again. + */ + if ((file_magic->header_size <= MIN_FILE_HEADER_SIZE) || + (file_magic->header_size > MAX_FILE_HEADER_SIZE)) + goto format_error; /* Allocate buffer for file_header structure */ SREALLOC(buffer, char, file_magic->header_size);
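Review bot: The bounds test added just before SREALLOC() in check_file_actlst() is asymmetric: `file_magic->header_size <= MIN_FILE_HEADER_SIZE` rejects a value equal to the minimum, while `file_magic->header_size > MAX_FILE_HEADER_SIZE` accepts a value equal to the maximum. If MIN_FILE_HEADER_SIZE is meant as an exclusive lower bound, say so in the new comment; otherwise use `<`. The commit message says the same range check already exists in sa_open_read_magic() behind the version test, so consider moving the comparison into a shared macro or helper so the two copies cannot drift apart. The new comment would also be clearer if it named the case the commit message describes (correct FORMAT_MAGIC, but sysstat_version and sysstat_patchlevel values older than 10.3.1), since that is why the earlier check is skipped and why header_size reaches the allocation unchecked.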