author | Fabian Groffen <grobian@gentoo.org> | 2022-02-12 17:34:59 +0100 |
---|---|---|
committer | Fabian Groffen <grobian@gentoo.org> | 2022-02-12 17:34:59 +0100 |
commit | c07a9101354356b531791a29c99f99582962fb9c (patch) | |
tree | 53bf7634a907babc355beb156f872811c401aa3f /qtbz2.c | |
parent | qmerge: fix Coverity NULL_RETURNS (possibly passing NULL) (diff) | |
qtbz2: attempt to fix Coverity taint warning
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'qtbz2.c')
-rw-r--r-- | qtbz2.c | 14 |
1 files changed, 13 insertions, 1 deletions
@@ -1,9 +1,10 @@
 /*
- * Copyright 2005-2020 Gentoo Foundation
+ * Copyright 2005-2022 Gentoo Foundation
  * Distributed under the terms of the GNU General Public License v2
  *
  * Copyright 2005-2010 Ned Ludd - <solar@gentoo.org>
  * Copyright 2005-2014 Mike Frysinger - <vapier@gentoo.org>
+ * Copyright 2020- Fabian Groffen - <grobian@gentoo.org>
  */
 
 #include "main.h"
@@ -199,6 +200,17 @@ tbz2_decompose(int dir_fd, const char *tbz2, const char *tarbz2, const char *xpa
  /* calculate tarbz2's size */
  tarbz2_size = st.st_size - xpak_size - TBZ2_END_LEN;
 
+ /* attempt to check xpak_size and tarbz2_size for Coverity's taint
+ * check CID 248878 */
+ if (xpak_size <= 0 || xpak_size >= st.st_size) {
+ warn("%s: invalid xpak size: %ld", tbz2, xpak_size);
+ goto close_in_and_ret;
+ }
+ if (tarbz2_size <= 0) {
+ warn("%s: invalid tar size: %ld", tbz2, tarbz2_size);
+ goto close_in_and_ret;
+ }
+
  /* reset to the start of the tbz2 */
  rewind(in);
  /* dump the tar.bz2 */ |
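Review bot: The subtraction `tarbz2_size = st.st_size - xpak_size - TBZ2_END_LEN;` still runs on the unchecked `xpak_size`, because the new range checks in the second hunk are placed below it. If `xpak_size` is read from the file trailer, as the taint warning suggests, it should be bounded before its first arithmetic use; moving the assignment below the `xpak_size` check keeps the subtraction on a value already known to lie between 0 and `st.st_size`, which is also the order a taint analyser usually expects. The `%ld` conversions in both `warn()` calls assume `xpak_size` and `tarbz2_size` are `long`; their declarations are outside the hunk, so that is worth confirming (an `off_t` would need a cast). The body of `tbz2_decompose` starts and ends outside the hunk.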