RAR5 reader: verify that buffer is initialized in copy_string()

Fixes broken test_read_format_rar5_invalid_dict_reference on OmniOS

diff --git a/libarchive/archive_read_support_format_rar5.c b/libarchive/archive_read_support_format_rar5.c
index 87a8c611d89c5155b9e8f07a6bd00597ca6c0228..06b340f8d16e62021e8374eac95cf647692b9fa8 100644 (file)
--- a/libarchive/archive_read_support_format_rar5.c
+++ b/libarchive/archive_read_support_format_rar5.c
@@ -2750,6 +2750,9 @@ static int copy_string(struct archive_read* a, int len, int dist) {
            rar->cstate.solid_offset;
        int i;
 
+       if (rar->cstate.window_buf == NULL)
+               return ARCHIVE_FATAL;
+
        /* The unpacker spends most of the time in this function. It would be
         * a good idea to introduce some optimizations here.
         *