From: Joerg Sonnenberger <joerg@bec.de>
Date: Sun, 9 Sep 2018 18:31:59 +0000 (+0200)
Subject: Handle whitespace-only ACL fields correctly.
X-Git-Tag: v3.4.0~179
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0cda60af13e709e670af90553b2271bf194e7ccd;p=thirdparty%2Flibarchive.git

Handle whitespace-only ACL fields correctly.

The logic would result in possible reads before the start of a buffer.

Reported-By: OSS-Fuzz issue 10192
---

diff --git a/libarchive/archive_acl.c b/libarchive/archive_acl.c
index 4736531af..9941d2f6f 100644
--- a/libarchive/archive_acl.c
+++ b/libarchive/archive_acl.c
@@ -2058,6 +2058,12 @@ next_field(const char **p, const char **start,
 	}
 	*sep = **p;
 
+	/* If the field is only whitespace, bail out now. */
+	if (**p == '\0') {
+		*end = *p;
+		return;
+	}
+
 	/* Trim trailing whitespace to locate end of field. */
 	*end = *p - 1;
 	while (**end == ' ' || **end == '\t' || **end == '\n') {