From 0cda60af13e709e670af90553b2271bf194e7ccd Mon Sep 17 00:00:00 2001
From: Joerg Sonnenberger
Date: Sun, 9 Sep 2018 20:31:59 +0200
Subject: [PATCH] Handle whitespace-only ACL fields correctly.

The logic would result in possible reads before the start of a buffer.

Reported-By: OSS-Fuzz issue 10192
---
 libarchive/archive_acl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/libarchive/archive_acl.c b/libarchive/archive_acl.c
index 4736531af..9941d2f6f 100644
--- a/libarchive/archive_acl.c
+++ b/libarchive/archive_acl.c
@@ -2058,6 +2058,12 @@ next_field(const char **p, const char **start,
 }
 *sep = **p;
+ /* If the field is only whitespace, bail out now. */
+ if (**p == '\0') {
+ *end = *p;
+ return;
+ }
+
 /* Trim trailing whitespace to locate end of field. */
 *end = *p - 1;
 while (**end == ' ' || **end == '\t' || **end == '\n') {
-- 
2.47.2
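Review bot: The new guard tests `**p == '\0'`, so it only covers a field that runs to the end of the string; the backward trim at the end of the hunk (`*end = *p - 1` followed by `while (**end == ' ' ...)`) still has no lower bound. If an empty or whitespace-only field can end at a separator rather than at NUL, `*end` would still step below the start of the text; this is inferred, because next_field's scan loop, the rest of its body and its callers are outside the hunk. Bounding the trim by the field start would cover both cases, for example `*end = *p;` and then `while (*end > *start && ((*end)[-1] == ' ' || (*end)[-1] == '\t' || (*end)[-1] == '\n'))`, with the later adjustment of `*end` (not visible here) changed to match. The guard also fires for a non-empty last field, which then skips trailing-whitespace trimming, so the comment would be more accurate as `/* Field runs to end of string: skip the backward trim. */`.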