diff --git a/lib/libalpm/be_files.c b/lib/libalpm/be_files.c index 0658a661..b9ff6464 100644 --- a/lib/libalpm/be_files.c +++ b/lib/libalpm/be_files.c @@ -618,7 +618,10 @@ int _alpm_db_read(pmdb_t *db, pmpkg_t *info, pmdbinfrq_t inforeq) _alpm_strtrim(line); if(strcmp(line, "%DELTAS%") == 0) { while(fgets(line, 512, fp) && strlen(_alpm_strtrim(line))) { - info->deltas = alpm_list_add(info->deltas, _alpm_delta_parse(line)); + pmdelta_t *delta = _alpm_delta_parse(line); + if(delta) { + info->deltas = alpm_list_add(info->deltas, delta); + } } } } diff --git a/lib/libalpm/delta.c b/lib/libalpm/delta.c index 22d9beb4..8dce7e3b 100644 --- a/lib/libalpm/delta.c +++ b/lib/libalpm/delta.c @@ -22,6 +22,8 @@ #include #include #include +#include +#include /* libalpm */ #include "delta.h" @@ -257,6 +259,19 @@ pmdelta_t *_alpm_delta_parse(char *line) { pmdelta_t *delta; char *tmp = line, *tmp2; + regex_t reg; + + regcomp(®, + "^[^[:space:]]* [[:xdigit:]]{32}" + " [^[:space:]]* [[:xdigit:]]{32}" + " [^[:space:]]* [[:xdigit:]]{32} [[:digit:]]*$", + REG_EXTENDED | REG_NOSUB | REG_NEWLINE); + if(regexec(®, line, 0, 0, 0) != 0) { + /* delta line is invalid, return NULL */ + regfree(®); + return(NULL); + } + regfree(®); CALLOC(delta, 1, sizeof(pmdelta_t), RET_ERR(PM_ERR_MEMORY, NULL));