From: Grzegorz Antoniak <ga@anadoxin.org>
Date: Sun, 12 May 2019 05:41:47 +0000 (+0200)
Subject: RAR reader: add a test for fix b8592ecb
X-Git-Tag: v3.4.0~26^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=063ce058a97edaa2bc53145376e10e264afca9ac;p=thirdparty%2Flibarchive.git

RAR reader: add a test for fix b8592ecb

This commit adds an OSSFuzz sample and a test for fix from commit
b8592ecb.
---

diff --git a/libarchive/test/test_read_format_rar.c b/libarchive/test/test_read_format_rar.c
index 9b9d6bda4..f08b06bc6 100644
--- a/libarchive/test/test_read_format_rar.c
+++ b/libarchive/test/test_read_format_rar.c
@@ -3756,3 +3756,26 @@ DEFINE_TEST(test_read_format_rar_multivolume_uncompressed_files)
   assertEqualIntA(a, ARCHIVE_OK, archive_read_close(a));
   assertEqualIntA(a, ARCHIVE_OK, archive_read_free(a));
 }
+
+DEFINE_TEST(test_read_format_rar_ppmd_use_after_free)
+{
+  uint8_t buf[16];
+  const char* reffile = "test_read_format_rar_ppmd_use_after_free.rar";
+
+  struct archive_entry *ae;
+  struct archive *a;
+
+  extract_reference_file(reffile);
+  assert((a = archive_read_new()) != NULL);
+  assertA(0 == archive_read_support_filter_all(a));
+  assertA(0 == archive_read_support_format_all(a));
+  assertA(0 == archive_read_open_filename(a, reffile, 10240));
+
+  assertA(ARCHIVE_OK == archive_read_next_header(a, &ae));
+  assertA(archive_read_data(a, buf, sizeof(buf)) <= 0);
+  assertA(ARCHIVE_OK == archive_read_next_header(a, &ae));
+  assertA(archive_read_data(a, buf, sizeof(buf)) <= 0);
+
+  assertEqualIntA(a, ARCHIVE_OK, archive_read_close(a));
+  assertEqualInt(ARCHIVE_OK, archive_read_free(a));
+}
diff --git a/libarchive/test/test_read_format_rar_ppmd_use_after_free.rar.uu b/libarchive/test/test_read_format_rar_ppmd_use_after_free.rar.uu
new file mode 100644
index 000000000..136338653
--- /dev/null
+++ b/libarchive/test/test_read_format_rar_ppmd_use_after_free.rar.uu
@@ -0,0 +1,10 @@
+begin 644 test_read_format_rar_ppmd_use_after_free.rar
+M4F%R(1H'``1G=$Q26`!W````>U!+`P0R`'#_J7\`+@TU'`#]`0`7__]"0D)"
+M+W5N<V5T"6=I9`UD#1T+``!"`````````&%R(1H'``1G>TQ26`!W=&@`[E!+
+M`P0Q`'#_(````"`@(+<@!/T`("`@("`@("`@("`@("`@("`@("`@("`@("`@
+M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@
+M("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@("`@(`1G=$Q26`!W````
+M>U!+`P0R`'#_J7\`+@TU'`#]`0`7__]"0D)"+W5N<V5T"6=I9`UD#1T+``!"
+@`````````&%R(1H'``1G>TQ26`!W=&@`[E!+`P0Q`'``
+`
+end