From b6a979481b7d77c12fa17bbed94576b63bbcb0c0 Mon Sep 17 00:00:00 2001 From: Tobias Stoeckmann Date: Thu, 25 Apr 2024 09:18:30 +0000 Subject: [PATCH] zip: Fix out of boundary access (#2145) If a ZIP file contains a file with an empty name and mac-ext option is set, then a check accesses memory out of bound of `name`. --- libarchive/archive_read_support_format_zip.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c index d7b6f082e..7552a1a1a 100644 --- a/libarchive/archive_read_support_format_zip.c +++ b/libarchive/archive_read_support_format_zip.c @@ -4089,7 +4089,7 @@ slurp_central_directory(struct archive_read *a, struct archive_entry* entry, * as the actual resource fork doesn't end with '/'. */ size_t tmp_length = filename_length; - if (name[tmp_length - 1] == '/') { + if (tmp_length > 0 && name[tmp_length - 1] == '/') { tmp_length--; r = rsrc_basename(name, tmp_length); } -- 2.47.2