From b3bd0b81a1a06909f766dea8be4072ef81de62b8 Mon Sep 17 00:00:00 2001
From: Martin Matuska <martin@matuska.org>
Date: Wed, 8 Feb 2017 00:23:08 +0100
Subject: [PATCH] mtree reader: limit the range of nanoseconds (0 to 999999999)
 Prevents a possible integer overflow in archive_entry_set_mtime()

Reported-By:	OSS-Fuzz issue 538
---
 libarchive/archive_read_support_format_mtree.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libarchive/archive_read_support_format_mtree.c b/libarchive/archive_read_support_format_mtree.c
index 979a499d1..4231ff500 100644
--- a/libarchive/archive_read_support_format_mtree.c
+++ b/libarchive/archive_read_support_format_mtree.c
@@ -1608,8 +1608,11 @@ parse_keyword(struct archive_read *a, struct mtree *mtree,
 			if (*val == '.') {
 				++val;
 				ns = (long)mtree_atol10(&val);
-			} else
-				ns = 0;
+				if (ns < 0)
+					ns = 0;
+				else if (ns > 999999999)
+					ns = 999999999;
+			}
 			if (m > my_time_t_max)
 				m = my_time_t_max;
 			else if (m < my_time_t_min)
-- 
2.47.2