ckolivas/lrzip
1
0
Fork 0
mirror of https://github.com/ckolivas/lrzip.git synced 2025-12-06 07:12:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Cope with corrupt/crafted archive stream overruns.

Browse source
This commit is contained in:
Con Kolivas 2018-05-28 15:06:04 +10:00
parent 3cadc63e39
commit a81248e47d
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
stream.c
View file

@ -1710,6 +1710,7 @@ out:
print_maxverbose("Taking decompressed data from thread %ld\n", s->unext_thread); print_maxverbose("Taking decompressed data from thread %ld\n", s->unext_thread);
s->buf = ucthread[s->unext_thread].s_buf; s->buf = ucthread[s->unext_thread].s_buf;
ucthread[s->unext_thread].s_buf = NULL;
s->buflen = ucthread[s->unext_thread].u_len; s->buflen = ucthread[s->unext_thread].u_len;
sinfo->ram_alloced -= s->buflen; sinfo->ram_alloced -= s->buflen;
s->bufp = 0; s->bufp = 0;
@ -1755,6 +1756,8 @@ i64 read_stream(rzip_control *control, void *ss, int streamno, uchar *p, i64 len
n = MIN(s->buflen - s->bufp, len); n = MIN(s->buflen - s->bufp, len);
if (n > 0) { if (n > 0) {
if (unlikely(!s->buf))
failure_return(("Stream ran out prematurely, likely corrupt archive\n"), -1);
memcpy(p, s->buf + s->bufp, n); memcpy(p, s->buf + s->bufp, n);
s->bufp += n; s->bufp += n;
p += n; p += n;