libarchive: Cherry-pick upstream 2c8c83b9
Relevant vendor changes: Fix issue #948: out-of-bounds read in lha_read_data_none() admbugs: 877 Security: CVE-2017-14503
This commit is contained in:
parent
f7158da37f
commit
032a8914c1
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor/libarchive/dist/; revision=336800
@ -701,6 +701,12 @@ archive_read_format_lha_read_header(struct archive_read *a,
|
||||
* Prepare variables used to read a file content.
|
||||
*/
|
||||
lha->entry_bytes_remaining = lha->compsize;
|
||||
if (lha->entry_bytes_remaining < 0) {
|
||||
archive_set_error(&a->archive,
|
||||
ARCHIVE_ERRNO_FILE_FORMAT,
|
||||
"Invalid LHa entry size");
|
||||
return (ARCHIVE_FATAL);
|
||||
}
|
||||
lha->entry_offset = 0;
|
||||
lha->entry_crc_calculated = 0;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user