git.ipfire.org Git - thirdparty/libarchive.git/commit

author	Grzegorz Antoniak <ga@anadoxin.org>
	Sat, 13 Feb 2021 09:13:22 +0000 (10:13 +0100)
committer	Grzegorz Antoniak <ga@anadoxin.org>
	Tue, 8 Feb 2022 06:21:44 +0000 (07:21 +0100)
commit	313bcd7ac547f7cc25945831f63507420c0874d7
tree	876359930127f353bb029b40a97bd512bfea4152	tree
parent	c9788f9b70ba930797bd114b2149d8c633d2d6cb	commit \| diff

RAR5 reader: add more checks for invalid extraction parameters

Some specially crafted files declare invalid extraction parameters that
can confuse the RAR5 reader.

One of the arguments is the declared window size parameter that the
archive file can declare for each file stored in the archive. Some
crafted files declare window size equal to 0, which is clearly wrong.

This commit adds additional safety checks decreasing the tolerance of
the RAR5 format.

This commit also contains OSSFuzz sample #30459.

Makefile.am		diff \| blob \| blame \| history
libarchive/archive_read_support_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5.c		diff \| blob \| blame \| history
libarchive/test/test_read_format_rar5_bad_window_sz_in_mltarc_file.rar.uu	[new file with mode: 0644]	blob