From: Joerg Sonnenberger <joerg@bec.de>
Date: Mon, 7 Jan 2019 20:34:28 +0000 (+0100)
Subject: Do something useful for directories by setting the mask to 0.
X-Git-Tag: v3.4.0~145
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b52dd6c9e4ef7cf95c2a6ae5ab7ccac7f6d462a1;p=thirdparty%2Flibarchive.git

Do something useful for directories by setting the mask to 0.

This avoids buffer overflows by always truncating the window correctly.

Reported-By: OSS-Fuzz issue 11011
---

diff --git a/libarchive/archive_read_support_format_rar5.c b/libarchive/archive_read_support_format_rar5.c
index 31f9dd530..99d817681 100644
--- a/libarchive/archive_read_support_format_rar5.c
+++ b/libarchive/archive_read_support_format_rar5.c
@@ -1836,7 +1836,10 @@ static int rar5_read_header(struct archive_read *a,
 
 static void init_unpack(struct rar5* rar) {
     rar->file.calculated_crc32 = 0;
-    rar->cstate.window_mask = rar->cstate.window_size - 1;
+    if (rar->cstate.window_size)
+        rar->cstate.window_mask = rar->cstate.window_size - 1;
+    else
+        rar->cstate.window_mask = 0;
 
     if(rar->cstate.window_buf)
         free(rar->cstate.window_buf);