From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
Date: Thu, 25 Apr 2024 09:18:30 +0000 (+0000)
Subject: zip: Fix out of boundary access (#2145)
X-Git-Tag: v3.7.4~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6a979481b7d77c12fa17bbed94576b63bbcb0c0;p=thirdparty%2Flibarchive.git

zip: Fix out of boundary access (#2145)

If a ZIP file contains a file with an empty name and mac-ext option is
set, then a check accesses memory out of bound of `name`.
---

diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
index d7b6f082e..7552a1a1a 100644
--- a/libarchive/archive_read_support_format_zip.c
+++ b/libarchive/archive_read_support_format_zip.c
@@ -4089,7 +4089,7 @@ slurp_central_directory(struct archive_read *a, struct archive_entry* entry,
 				 * as the actual resource fork doesn't end with '/'.
 				 */
 				size_t tmp_length = filename_length;
-				if (name[tmp_length - 1] == '/') {
+				if (tmp_length > 0 && name[tmp_length - 1] == '/') {
 					tmp_length--;
 					r = rsrc_basename(name, tmp_length);
 				}