Merge pull request #2668 from stoeckmann/7z_oob

author Martin Matuška <martin@matuska.de>

Thu, 12 Jun 2025 08:51:45 +0000 (10:51 +0200)

committer Martin Matuska <martin@matuska.de>

Wed, 10 Sep 2025 08:14:34 +0000 (10:14 +0200)
author Martin Matuška <martin@matuska.de>
Thu, 12 Jun 2025 08:51:45 +0000 (10:51 +0200)
committer Martin Matuska <martin@matuska.de>
Wed, 10 Sep 2025 08:14:34 +0000 (10:14 +0200)
diff --git a/libarchive/archive_read_support_format_7zip.c b/libarchive/archive_read_support_format_7zip.c

index f273f84be521d44079fb0211ca159387034525fc..84626128770273c8753e5595a261e808f8b6e9df 100644 (file)
--- a/libarchive/archive_read_support_format_7zip.c
+++ b/libarchive/archive_read_support_format_7zip.c
@@ -80,7 +80,7 @@
  /*
   * ELF format
   */
-#define ELF_HDR_MIN_LEN 0x34
+#define ELF_HDR_MIN_LEN 0x3f
  #define ELF_HDR_EI_CLASS_OFFSET 0x04
  #define ELF_HDR_EI_DATA_OFFSET 0x05
  
@@ -811,6 +811,8 @@ find_elf_data_sec(struct archive_read *a)
                         strtab_size = (*dec32)(
                             h + e_shstrndx * e_shentsize + 0x14);
                 }
+               if (strtab_size < 6 || strtab_size > SIZE_MAX)
+                       break;
  
                 /*
                  * Read the STRTAB section to find the .data offset
author	Martin Matuška <martin@matuska.de>
	Thu, 12 Jun 2025 08:51:45 +0000 (10:51 +0200)
committer	Martin Matuska <martin@matuska.de>
	Wed, 10 Sep 2025 08:14:34 +0000 (10:14 +0200)