From fa029b5c4cd24b430500e89e8e8171746b96ffb3 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?=
Date: Wed, 8 Jul 2020 12:49:01 +0200
Subject: [PATCH] Check the length of the resulting string in Tar::extractToString()

---
 wcfsetup/install/files/lib/system/io/Tar.class.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/io/Tar.class.php b/wcfsetup/install/files/lib/system/io/Tar.class.php
index 05357e3740..ff2b882664 100644
--- a/wcfsetup/install/files/lib/system/io/Tar.class.php
+++ b/wcfsetup/install/files/lib/system/io/Tar.class.php
@@ -182,6 +182,10 @@ class Tar implements IArchive {
 // read data
 $content = $this->file->read($header['size']);
+ if (strlen($content) != $header['size']) {
+ throw new SystemException("Could not untar file '".$header['filename']."' to string. Maybe the archive is truncated?");
+ }
+ return $content;
 }
-- 
2.20.1
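Review bot: The added length check in `extractToString()` runs only after `$this->file->read($header['size'])` has been asked for the full header-declared size, and `$header['size']` comes from the archive itself. A truncated archive is now rejected, but an entry that declares a very large size still drives the read before anything is validated. If this method can see untrusted archives, consider rejecting sizes above a limit (or above the remaining file length) before the read. It would also help to make the read-failure path explicit instead of relying on `strlen()` coercion, assuming `read()` can return `false`: `if ($content === false || strlen($content) != $header['size']) {`. The function body starts outside the hunk, so the type of `$header['size']` and the behaviour of `read()` are not visible here and should be confirmed.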