d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

libarchive: merge vendor bugfix

Browse Source 
OSS-Fuzz #44843 (security):
RAR reader: fix null-dereference in RAR (v4) filter code

X-MFC-with:	833a452e9d
This commit is contained in:
Martin Matuska 2022-02-21 12:06:54 +01:00
commit 5ccf909af9
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
contrib/libarchive/libarchive/archive_read_support_format_rar.c
View File

@ -3328,20 +3328,25 @@ run_filters(struct archive_read *a)
struct rar *rar = (struct rar *)(a->format->data);
struct rar_filters *filters = &rar->filters;
struct rar_filter *filter = filters->stack;
size_t start = filters->filterstart;
size_t end = start + filter->blocklength;
size_t start, end;
int64_t tend;
uint32_t lastfilteraddress;
uint32_t lastfilterlength;
int ret;
if (filters == NULL || filter == NULL)
return (0);
start = filters->filterstart;
end = start + filter->blocklength;
filters->filterstart = INT64_MAX;
tend = (int64_t)end;
ret = expand(a, &tend);
if (ret != ARCHIVE_OK)
return (ret);
return 0;
if (tend < 0)
return (ARCHIVE_FATAL);
return 0;
end = (size_t)tend;
if (end != start + filter->blocklength)
return 0;