git.ipfire.org Git - thirdparty/libarchive.git/commit
pax writer: fix multiple security vulnerabilities
author Martin Matuska <martin@matuska.de>
Thu, 17 Aug 2023 22:28:39 +0000 (00:28 +0200)
committer Martin Matuska <martin@matuska.de>
Fri, 18 Aug 2023 08:14:25 +0000 (10:14 +0200)
commit 1b4e0d0f9d445ba3e4d0c7db7ce0b30300572fe8
tree a57d872eaeeae527a3e53bda58b8ba628a1444fd
parent 05c86f9c755198110baa2fd462d14025670d1e62
pax writer: fix multiple security vulnerabilities

Security vulnerabilities:
1. Heap overflow in url_encode() in archive_write_set_format_pax.c
2. NULL dereference in archive_write_pax_header_xattrs()
3. Another NULL dereference in archive_write_pax_header_xattrs()
4. NULL dereference in archive_write_pax_header_xattr()

The vulnerabilities can be triggered when writing pax archives
with extended attributes (SCHILY or LIBARCHIVE) by feeding attribute
names longer than INT_MAX or attribute names that fail to be encoded
properly.

Reported-by: Bahaa Naamneh of Crosspoint Labs
libarchive/archive_write_set_format_pax.c
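
The two bug classes named in the commit message (a length counter that cannot hold the encoded size of a very long attribute name, and callers that use an encoder result without checking for failure), shown in their hardened form as an added example that is not libarchive's code. The names `encode_name`, `xattr_key`, the `max_out` cap and the escape rule are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Escape rule assumed for this example: bytes outside 33..126, '%', '='. */
static int needs_escape(unsigned char c)
{
    return c < 33 || c > 126 || c == '%' || c == '=';
}

/* Hypothetical helper, not libarchive's url_encode(). Returns a malloc'd
 * string, or NULL if the encoded name would exceed max_out or malloc fails. */
char *encode_name(const char *in, size_t in_len, size_t max_out)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t out_len = 0, i;
    char *out, *p;
    if (max_out > SIZE_MAX - 1)
        max_out = SIZE_MAX - 1;        /* keep out_len + 1 from wrapping */
    for (i = 0; i < in_len; i++) {
        size_t add = needs_escape((unsigned char)in[i]) ? 3 : 1;
        if (add > max_out || out_len > max_out - add)
            return NULL;               /* refuse instead of wrapping */
        out_len += add;
    }
    if ((out = malloc(out_len + 1)) == NULL)
        return NULL;
    for (p = out, i = 0; i < in_len; i++) {
        unsigned char c = (unsigned char)in[i];
        if (needs_escape(c)) {
            *p++ = '%';
            *p++ = hex[c >> 4];
            *p++ = hex[c & 0x0f];
        } else
            *p++ = (char)c;
    }
    *p = '\0';
    return out;
}

/* Caller builds "SCHILY.xattr.<name>"; 0 on success, -1 on any failure. */
int xattr_key(const char *name, size_t nlen, size_t max_out, char *dst, size_t dsz)
{
    char *enc = encode_name(name, nlen, max_out);
    int n = enc ? snprintf(dst, dsz, "SCHILY.xattr.%s", enc) : -1;
    free(enc);                         /* free(NULL) is a no-op */
    return (n < 0 || (size_t)n >= dsz) ? -1 : 0;
}
```

The `max_out` parameter exists so the rejection path can be exercised with short inputs; a writer would set it to the largest record size its format can carry.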