]> git.ipfire.org Git - thirdparty/libarchive.git/commitdiff
projects / thirdparty / libarchive.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 287e05d)
lha: Do not allow negative file sizes (#2155)
authorTobias Stoeckmann <stoeckmann@users.noreply.github.com>
Mon, 29 Apr 2024 20:06:30 +0000 (22:06 +0200)
committerGitHub <noreply@github.com>
Mon, 29 Apr 2024 20:06:30 +0000 (22:06 +0200)
Files sizes cannot be negative, so abort lha processing if archive
claims otherwise.

libarchive/archive_read_support_format_lha.c patch | blob | blame | history

diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c
index 4d6290ac33bb18f57b3d9fce8b59727c9f09088a..ae5a1d7d668e0e9558c1a121c5ca52a0318515cc 100644 (file)
--- a/libarchive/archive_read_support_format_lha.c
+++ b/libarchive/archive_read_support_format_lha.c
@@ -1347,6 +1347,8 @@ lha_read_file_extended_header(struct archive_read *a, struct lha *lha,
                                lha->compsize = archive_le64dec(extdheader);
                                extdheader += sizeof(uint64_t);
                                lha->origsize = archive_le64dec(extdheader);
+                               if (lha->compsize < 0 || lha->origsize < 0)
+                                       goto invalid;
                        }
                        break;
                case EXT_CODEPAGE:
Mirror of https://github.com/libarchive/libarchive.git