Date: Thu, 13 Dec 2018 11:15:14 +0000 (UTC) From: Martin Matuska <mm@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r342041 - vendor/libarchive/dist/libarchive Message-ID: <201812131115.wBDBFEtn024624@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mm Date: Thu Dec 13 11:15:14 2018 New Revision: 342041 URL: https://svnweb.freebsd.org/changeset/base/342041 Log: Update vendor/libarchive/dist to git cef97307a3f681fcbb2cc02db6df3619a3f8b69c Relevant vendor changes: PR #1105: Fix various crash, memory corruption and infinite loop conditions Modified: vendor/libarchive/dist/libarchive/archive_acl.c vendor/libarchive/dist/libarchive/archive_read_support_format_rar.c vendor/libarchive/dist/libarchive/archive_read_support_format_warc.c Modified: vendor/libarchive/dist/libarchive/archive_acl.c ============================================================================== --- vendor/libarchive/dist/libarchive/archive_acl.c Thu Dec 13 11:04:59 2018 (r342040) +++ vendor/libarchive/dist/libarchive/archive_acl.c Thu Dec 13 11:15:14 2018 (r342041) @@ -1723,6 +1723,11 @@ archive_acl_from_text_l(struct archive_acl *acl, const st = field[n].start + 1; len = field[n].end - field[n].start; + if (len == 0) { + ret = ARCHIVE_WARN; + continue; + } + switch (*s) { case 'u': if (len == 1 || (len == 4 Modified: vendor/libarchive/dist/libarchive/archive_read_support_format_rar.c ============================================================================== --- vendor/libarchive/dist/libarchive/archive_read_support_format_rar.c Thu Dec 13 11:04:59 2018 (r342040) +++ vendor/libarchive/dist/libarchive/archive_read_support_format_rar.c Thu Dec 13 11:15:14 2018 (r342041) @@ -258,6 +258,7 @@ struct rar struct data_block_offsets *dbo; unsigned int cursor; unsigned int nodes; + char filename_must_match; /* LZSS members */ struct huffman_code maincode; @@ -1560,6 +1561,12 @@ read_header(struct archive_read *a, struct archive_ent } return ret; } + else if (rar->filename_must_match) + { + archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, + "Mismatch of file parts split across multi-volume archive"); + return (ARCHIVE_FATAL); + } rar->filename_save = (char*)realloc(rar->filename_save, filename_size + 1); @@ -2300,6 +2307,11 @@ parse_codes(struct archive_read *a) new_size = DICTIONARY_MAX_SIZE; else new_size = rar_fls((unsigned int)rar->unp_size) << 1; + if (new_size == 0) { + archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, + "Zero window size is invalid."); + return (ARCHIVE_FATAL); + } new_window = realloc(rar->lzss.window, new_size); if (new_window == NULL) { archive_set_error(&a->archive, ENOMEM, @@ -2928,12 +2940,14 @@ rar_read_ahead(struct archive_read *a, size_t min, ssi else if (*avail == 0 && rar->main_flags & MHD_VOLUME && rar->file_flags & FHD_SPLIT_AFTER) { + rar->filename_must_match = 1; ret = archive_read_format_rar_read_header(a, a->entry); if (ret == (ARCHIVE_EOF)) { rar->has_endarc_header = 1; ret = archive_read_format_rar_read_header(a, a->entry); } + rar->filename_must_match = 0; if (ret != (ARCHIVE_OK)) return NULL; return rar_read_ahead(a, min, avail); Modified: vendor/libarchive/dist/libarchive/archive_read_support_format_warc.c ============================================================================== --- vendor/libarchive/dist/libarchive/archive_read_support_format_warc.c Thu Dec 13 11:04:59 2018 (r342040) +++ vendor/libarchive/dist/libarchive/archive_read_support_format_warc.c Thu Dec 13 11:15:14 2018 (r342041) @@ -386,6 +386,11 @@ _warc_read(struct archive_read *a, const void **buf, s return (ARCHIVE_EOF); } + if (w->unconsumed) { + __archive_read_consume(a, w->unconsumed); + w->unconsumed = 0U; + } + rab = __archive_read_ahead(a, 1U, &nrd); if (nrd < 0) { *bsz = 0U;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812131115.wBDBFEtn024624>