gzip: Fix OOB with huge filenames

If a filename is larger than INT_MAX, an out of boundary write could
occur on 64 bit systems. Fix data types and ignore such huge file names.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

diff --git a/libarchive/archive_write_add_filter_gzip.c b/libarchive/archive_write_add_filter_gzip.c
index cdf974e077c5af631af7555f73c7972bbe003947..571927558a9ac62aafbabb3ff0c6bddb4eaa1ae9 100644 (file)
--- a/libarchive/archive_write_add_filter_gzip.c
+++ b/libarchive/archive_write_add_filter_gzip.c
@@ -253,9 +253,9 @@ archive_compressor_gzip_open(struct archive_write_filter *f)
                /* Limit "original filename" to 32k or the
                 * remaining space in the buffer, whichever is smaller.
                 */
-               int ofn_length = strlen(data->original_filename);
-               int ofn_max_length = 32768;
-               int ofn_space_available = data->compressed
+               size_t ofn_length = strlen(data->original_filename);
+               size_t ofn_max_length = 32768;
+               size_t ofn_space_available = data->compressed
                        + data->compressed_buffer_size
                        - data->stream.next_out
                        - 1;