libarchive: merge vendor bugfixes

Bugfixes:
  IS #1685 and OSS-Fuzz #38764 (security):
    (ISO reader) fix possible heap buffer overflow in read_children()
  IS #1715 and OSS-Fuzz #46279 (security):
    (RARv4 reader) fix heap-use-after-free in run_filters()

MFC after:	3 days

contrib/libarchive/libarchive/archive_read_support_format_iso9660.c

@@ -1007,7 +1007,8 @@ read_children(struct archive_read *a, struct file_info *parent)
 		p = b;
 		b += iso9660->logical_block_size;
 		step -= iso9660->logical_block_size;
-		for (; *p != 0 && p < b && p + *p <= b; p += *p) {
+		for (; *p != 0 && p + DR_name_offset < b && p + *p <= b;
+			p += *p) {
 			struct file_info *child;
 
 			/* N.B.: these special directory identifiers

contrib/libarchive/libarchive/archive_read_support_format_rar.c

@@ -3328,6 +3328,7 @@ run_filters(struct archive_read *a)
   struct rar *rar = (struct rar *)(a->format->data);
   struct rar_filters *filters = &rar->filters;
   struct rar_filter *filter = filters->stack;
+  struct rar_filter *f;
   size_t start, end;
   int64_t tend;
   uint32_t lastfilteraddress;
@@ -3345,6 +3346,22 @@ run_filters(struct archive_read *a)
   ret = expand(a, &tend);
   if (ret != ARCHIVE_OK)
     return 0;
+
+  /* Check if filter stack was modified in expand() */
+  ret = ARCHIVE_FATAL;
+  f = filters->stack;
+  while (f)
+  {
+    if (f == filter)
+    {
+      ret = ARCHIVE_OK;
+      break;
+    }
+    f = f->next;
+  }
+  if (ret != ARCHIVE_OK)
+    return 0;
+
   if (tend < 0)
     return 0;
   end = (size_t)tend;