From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
Date: Mon, 29 Apr 2024 20:06:30 +0000 (+0200)
Subject: lha: Do not allow negative file sizes (#2155)
X-Git-Tag: v3.7.5~92
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93b11caed8b7e23081d3247b182fbc1b86a120f9;p=thirdparty%2Flibarchive.git

lha: Do not allow negative file sizes (#2155)

Files sizes cannot be negative, so abort lha processing if archive
claims otherwise.
---

diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c
index 4d6290ac3..ae5a1d7d6 100644
--- a/libarchive/archive_read_support_format_lha.c
+++ b/libarchive/archive_read_support_format_lha.c
@@ -1347,6 +1347,8 @@ lha_read_file_extended_header(struct archive_read *a, struct lha *lha,
 				lha->compsize = archive_le64dec(extdheader);
 				extdheader += sizeof(uint64_t);
 				lha->origsize = archive_le64dec(extdheader);
+				if (lha->compsize < 0 || lha->origsize < 0)
+					goto invalid;
 			}
 			break;
 		case EXT_CODEPAGE: