[Fix] Fix infinite loop and OOB read in archive processing
- RAR v5 extra area parsing: fix wrong loop boundary (used advanced `p`
instead of `ex + extra_sz`), wrong advancement (`cur_sz` alone didn't
account for the size vint bytes), and wrong remain calculation for the
second vint read. Add bounds validation for `cur_sz`.
- 7zip codec ID: validate `p + sz <= end` before reading codec ID bytes
to prevent out-of-bounds read with malformed archives.
projects / thirdparty / rspamd.git / commit
