From d1a2dfe2d1f80f7e4a31f22dea4bb49f786f0899 Mon Sep 17 00:00:00 2001
From: Sebastien GODARD
Date: Tue, 14 Jul 2015 09:53:54 +0200
Subject: [PATCH] sadc: Fix untrusted value used as argument

Variable file_magic.header_size was used as argument though its value hadn't been checked before. Fix this. CID #29720.

Signed-off-by: Sebastien GODARD
---
 sadc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sadc.c b/sadc.c
index 6d32a1f..31fa9ed 100644
--- a/sadc.c
+++ b/sadc.c
@@ -847,7 +847,8 @@ void open_ofile(int *ofd, char ofile[], int restart_mark)
 }
 if ((sz != FILE_MAGIC_SIZE) ||
 (file_magic.sysstat_magic != SYSSTAT_MAGIC) ||
- (file_magic.format_magic != FORMAT_MAGIC)) {
+ (file_magic.format_magic != FORMAT_MAGIC) ||
+ (file_magic.header_size > MAX_FILE_HEADER_SIZE)) {
 if (FORCE_FILE(flags)) {
 close(*ofd);
 /* -F option used: Truncate file */
-- 
2.40.0
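Review bot: The added condition in `open_ofile` bounds `file_magic.header_size` only from above, so a file whose magic block declares a header size of zero, or one smaller than the header structure the code goes on to fill, still passes as valid. The code that consumes header_size lies outside this hunk, so the minimum it needs should be confirmed there; if it expects at least a full header, a lower bound belongs in the same test, e.g. `(file_magic.header_size < FILE_HEADER_SIZE) ||` (assuming that macro is the expected structure size in this tree). It is also worth confirming that the field is declared unsigned, since with a signed type a negative on-disk value would slip past `> MAX_FILE_HEADER_SIZE`. A short comment above the condition, such as `/* header_size comes from the file and is untrusted: bound it before it is used as a size */`, would record why the check exists.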