libarchive/libarchive-test-fuzz.patch

18 lines
666 B
Diff

Index: libarchive-2.8.5/libarchive/archive_read_support_format_iso9660.c
===================================================================
--- libarchive-2.8.5.orig/libarchive/archive_read_support_format_iso9660.c
+++ libarchive-2.8.5/libarchive/archive_read_support_format_iso9660.c
@@ -2161,6 +2161,12 @@ read_CE(struct archive_read *a, struct i
}
do {
file = heap->reqs[0].file;
+ if (file->ce_offset + file->ce_size > step) {
+ archive_set_error(&a->archive,
+ ARCHIVE_ERRNO_FILE_FORMAT,
+ "Malformed CE information");
+ return (ARCHIVE_FATAL);
+ }
p = b + file->ce_offset;
end = p + file->ce_size;
next_CE(heap);