git.ipfire.org Git - thirdparty/libarchive.git/commit

author	Grzegorz Antoniak <ga@anadoxin.org>
	Mon, 24 Jun 2019 05:07:02 +0000 (07:07 +0200)
committer	Grzegorz Antoniak <ga@anadoxin.org>
	Mon, 24 Jun 2019 05:16:53 +0000 (07:16 +0200)
commit	2331456dc1f83e6b20e656e69fa01b6e30302865
tree	1a871c4f29879c87553ca4b51a362d7d9dfa9c11	tree \| snapshot
parent	a163558c388bb2ccedef683e8031c11193e6875c	commit \| diff

RAR5 reader: fix ARM filter going beyond window buffer boundary

RAR5 uses filters in order to mutate data just before compression, to
achieve a better compression ratio. After decompression, this mutation
needs to be reversed by processing various filters that the compressor
uses.

One of such filters is an ARM executable file filter, which changes some
bytes in the input stream if the stream is recognized as an executable
file with ARM native code.

This commit fixes the situation when the decompressor using an ARM filter
was referencing a byte outside current window buffer. Such action is
invalid and can produce segmentation faults.

This commit also adds a test using OSSFuzz sample #15431.

Makefile.am		diff \| blob \| blame \| history
libarchive/archive_read_support_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5_arm_filter_on_window_boundary.rar.uu	[new file with mode: 0644]	blob