From 1cbc76faffb79a99c6009a1816736f73b4a3632a Mon Sep 17 00:00:00 2001
From: Tim Kientzle <kientzle@acm.org>
Date: Sat, 7 Feb 2015 12:59:39 -0800
Subject: [PATCH] Issue 404: Read past end of string parsing fflags

---
 libarchive/archive_entry.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/libarchive/archive_entry.c b/libarchive/archive_entry.c
index 7958a17e3..65d0d2ee0 100644
--- a/libarchive/archive_entry.c
+++ b/libarchive/archive_entry.c
@@ -1745,13 +1745,12 @@ ae_strtofflags(const char *s, unsigned long *setp, unsigned long *clrp)
 		    *end != ' '  &&  *end != ',')
 			end++;
 		for (flag = flags; flag->name != NULL; flag++) {
-			if (memcmp(start, flag->name, end - start) == 0) {
+			if (strcmp(start, flag->name) == 0) {
 				/* Matched "noXXXX", so reverse the sense. */
 				clear |= flag->set;
 				set |= flag->clear;
 				break;
-			} else if (memcmp(start, flag->name + 2, end - start)
-			    == 0) {
+			} else if (strcmp(start, flag->name + 2) == 0) {
 				/* Matched "XXXX", so don't reverse. */
 				set |= flag->set;
 				clear |= flag->clear;
@@ -1809,13 +1808,12 @@ ae_wcstofflags(const wchar_t *s, unsigned long *setp, unsigned long *clrp)
 		    *end != L' '  &&  *end != L',')
 			end++;
 		for (flag = flags; flag->wname != NULL; flag++) {
-			if (wmemcmp(start, flag->wname, end - start) == 0) {
+			if (wstrcmp(start, flag->wname) == 0) {
 				/* Matched "noXXXX", so reverse the sense. */
 				clear |= flag->set;
 				set |= flag->clear;
 				break;
-			} else if (wmemcmp(start, flag->wname + 2, end - start)
-			    == 0) {
+			} else if (wstrcmp(start, flag->wname + 2) == 0) {
 				/* Matched "XXXX", so don't reverse. */
 				set |= flag->set;
 				clear |= flag->clear;
-- 
2.47.2