eebe28265f
- Added CVE-2013-0211.patch to fix CVE-2013-0211 (bnc#800024) OBS-URL: https://build.opensuse.org/request/show/261218 OBS-URL: https://build.opensuse.org/package/show/Archiving/libarchive?expand=0&rev=36
19 lines
706 B
Diff
19 lines
706 B
Diff
Index: libarchive-3.1.2/libarchive/archive_write.c
|
|
===================================================================
|
|
--- libarchive-3.1.2.orig/libarchive/archive_write.c
|
|
+++ libarchive-3.1.2/libarchive/archive_write.c
|
|
@@ -671,8 +671,13 @@ static ssize_t
|
|
_archive_write_data(struct archive *_a, const void *buff, size_t s)
|
|
{
|
|
struct archive_write *a = (struct archive_write *)_a;
|
|
+ size_t max_write = INT_MAX;
|
|
+
|
|
archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
|
|
ARCHIVE_STATE_DATA, "archive_write_data");
|
|
+ /* This catches attempts to pass negative values. */
|
|
+ if (s > max_write)
|
|
+ s = max_write;
|
|
archive_clear_error(&a->archive);
|
|
return ((a->format_write_data)(a, buff, s));
|
|
}
|