From: Tim Kientzle Date: Sat, 13 Mar 2010 06:40:02 +0000 (-0500) Subject: Issue 76: Correct segfault when Zip bidder sees a file that is less than 128k X-Git-Tag: v3.0.0a~1155 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1fb2ae5cc0d9d5d12bd8bd7ea4a88f138072d6c4;p=thirdparty%2Flibarchive.git Issue 76: Correct segfault when Zip bidder sees a file that is less than 128k and starts with "MZ". The "MZ" signature identifies executable files that could be self-extracting Zip files; the Zip bidder incorrectly handled end-of-file when searching ahead for the Zip contents. Submitted by: dardoguidobono SVN-Revision: 2028 --- diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c index 8f04b5428..49288ac07 100644 --- a/libarchive/archive_read_support_format_zip.c +++ b/libarchive/archive_read_support_format_zip.c @@ -225,7 +225,7 @@ archive_read_format_zip_bid(struct archive_read *a) /* Get 4k of data beyond where we stopped. */ buff = __archive_read_ahead(a, offset + 4096, &bytes_avail); - if (bytes_avail < offset + 1) + if (buff == NULL) break; p = (const char *)buff + offset; while (p + 9 < (const char *)buff + bytes_avail) {