]> git.ipfire.org Git - thirdparty/libarchive.git/commit
projects / thirdparty / libarchive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 35e6301) | patch
Sanity-check gzip header field length (#2366)
authorTim Kientzle <kientzle@acm.org>
Fri, 11 Oct 2024 06:14:58 +0000 (23:14 -0700)
committerGitHub <noreply@github.com>
Fri, 11 Oct 2024 06:14:58 +0000 (08:14 +0200)
commitb34c1f4def427e21b821dd0837208ede51532281
tree4409e90b49d4aabd1a29abdf8f2e7ef18ec02631tree
parent35e630174e18442f3b1ec432cef78a5b9b6818aacommit | diff
Sanity-check gzip header field length (#2366)

OSS-Fuzz managed to construct a small gzip input that decompresses into
another gzip input with an extremely large filename field. This causes
libarchive to hang processing the inner gzip.

Address this by rejecting any gzip input where the filename or comment
fields exceed 1MiB.

Credit: OSS-Fuzz
Makefile.am diff | blob | blame | history
libarchive/archive_read_support_filter_gzip.c diff | blob | blame | history
libarchive/test/CMakeLists.txt diff | blob | blame | history
libarchive/test/test_read_filter_gzip_recursive.c [new file with mode: 0644] blob
libarchive/test/test_read_filter_gzip_recursive.gz.uu [new file with mode: 0644] blob
Mirror of https://github.com/libarchive/libarchive.git