commit 9fa5181270fbedcfc50c8aaaac50a4aec0fd1dbd
from: Stefan Sperling <stsp@stsp.name>
date: Wed Mar 18 16:11:32 2020 UTC

check pack file header in fetch_pack()

commit - 531c39852ff6a7454ce0e618bacb7b7e20f93523
commit + 9fa5181270fbedcfc50c8aaaac50a4aec0fd1dbd
blob - b1b439e4c1fd3286a870a660a24649e1f1ddbada
blob + 40fbe8e20ba6e580c268f219a7ccf362d9e6242b
--- libexec/got-fetch-pack/got-fetch-pack.c
+++ libexec/got-fetch-pack/got-fetch-pack.c
@@ -514,6 +514,7 @@ fetch_pack(int fd, int packfd, struct got_object_id *p
 	struct got_pathlist_head symrefs;
 	struct got_pathlist_entry *pe;
 	int have_sidebands = 0;
+	uint32_t nobjects = 0;
 
 	TAILQ_INIT(&symrefs);
 
@@ -736,6 +737,32 @@ fetch_pack(int fd, int packfd, struct got_object_id *p
 				break;
 		}
 
+		/* Check pack file header. */
+		if (nobjects == 0) {
+			struct got_packfile_hdr *hdr = (void *)buf;
+			if (r < sizeof(*hdr)) {
+				err = got_error_msg(GOT_ERR_BAD_PACKFILE,
+				    "short packfile header");
+				goto done;
+			}
+			if (hdr->signature != htobe32(GOT_PACKFILE_SIGNATURE)) {
+				err = got_error_msg(GOT_ERR_BAD_PACKFILE,
+				    "bad packfile signature");
+				goto done;
+			}
+			if (hdr->version != htobe32(GOT_PACKFILE_VERSION)) {
+				err = got_error_msg(GOT_ERR_BAD_PACKFILE,
+				    "bad packfile version");
+				goto done;
+			}
+			nobjects = betoh32(hdr->nobjects);
+			if (nobjects == 0) {
+				err = got_error_msg(GOT_ERR_BAD_PACKFILE,
+				    "bad packfile with zero objects");
+				goto done;
+			}
+		}
+
 		/* Write packfile data to temporary pack file. */
 		w = write(packfd, buf, r);
 		if (w == -1) {