git.ipfire.org Git - thirdparty/libarchive.git/commit

author	Grzegorz Antoniak <ga@anadoxin.org>
	Wed, 1 May 2019 05:32:58 +0000 (07:32 +0200)
committer	Grzegorz Antoniak <ga@anadoxin.org>
	Wed, 1 May 2019 05:32:58 +0000 (07:32 +0200)
commit	3614747af54e60229a2bf11e8f40e1b975cc9ae6
tree	a7bc942c341ad3b04d456685226b790a1240533d	tree
parent	02f465f175f9925a1779e09e9f5f563e5a8fc5b4	commit \| diff

RAR5 reader: handle a case with truncated huffman tables.

RAR5 reader did assume that the block contains full huffman table data.
In invalid files that declare existence of huffman tables, but also
declare too small block size to fit the huffman tables in, RAR5 reader
was interpreting memory beyond the allocated block.

The commit adds necessary buffer overflow checks and fails the huffman
table reading function in case truncated data will be detected.

The commit also provides a unit test for this case.

Should fix OSSFuzz issue #12817.

libarchive/archive_read_support_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5_truncated_huff.rar.uu	[new file with mode: 0644]	blob