]> git.ipfire.org Git - thirdparty/libarchive.git/commit
projects / thirdparty / libarchive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0968512) | patch
rar: Fix heap-buffer-overflow (#2599)
authorTobias Stoeckmann <stoeckmann@users.noreply.github.com>
Sun, 11 May 2025 17:00:11 +0000 (19:00 +0200)
committerGitHub <noreply@github.com>
Sun, 11 May 2025 17:00:11 +0000 (19:00 +0200)
commita612bf62f86a6faa47bd57c52b94849f0a404d8c
treea9d38a7885d6feb0bf1539126a28c2826a241ad5tree
parent09685126fcec664e2b8ca595e1fc371bd494d209commit | diff
rar: Fix heap-buffer-overflow (#2599)

A filter block size must not be larger than the lzss window, which is
defined
by dictionary size, which in turn can be derived from unpacked file
size.

While at it, improve error messages and fix lzss window wrap around
logic.

Fixes https://github.com/libarchive/libarchive/issues/2565

---------

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Co-authored-by: Tim Kientzle <kientzle@acm.org>
Makefile.am diff | blob | blame | history
libarchive/archive_read_support_format_rar.c diff | blob | blame | history
libarchive/test/CMakeLists.txt diff | blob | blame | history
libarchive/test/test_read_format_rar_overflow.c [new file with mode: 0644] blob
libarchive/test/test_read_format_rar_overflow.rar.uu [new file with mode: 0644] blob
Mirror of https://github.com/libarchive/libarchive.git