aboutsummaryrefslogtreecommitdiff
path: root/archival
diff options
context:
space:
mode:
Diffstat (limited to 'archival')
-rw-r--r--archival/libarchive/decompress_unlzma.c15
-rw-r--r--archival/libarchive/get_header_ar.c22
2 files changed, 23 insertions, 14 deletions
diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c
index 80a453806..446319e7b 100644
--- a/archival/libarchive/decompress_unlzma.c
+++ b/archival/libarchive/decompress_unlzma.c
@@ -224,6 +224,7 @@ unpack_lzma_stream(transformer_state_t *xstate)
224 rc_t *rc; 224 rc_t *rc;
225 int i; 225 int i;
226 uint8_t *buffer; 226 uint8_t *buffer;
227 uint32_t buffer_size;
227 uint8_t previous_byte = 0; 228 uint8_t previous_byte = 0;
228 size_t buffer_pos = 0, global_pos = 0; 229 size_t buffer_pos = 0, global_pos = 0;
229 int len = 0; 230 int len = 0;
@@ -253,7 +254,8 @@ unpack_lzma_stream(transformer_state_t *xstate)
253 if (header.dict_size == 0) 254 if (header.dict_size == 0)
254 header.dict_size++; 255 header.dict_size++;
255 256
256 buffer = xmalloc(MIN(header.dst_size, header.dict_size)); 257 buffer_size = MIN(header.dst_size, header.dict_size);
258 buffer = xmalloc(buffer_size);
257 259
258 { 260 {
259 int num_probs; 261 int num_probs;
@@ -464,7 +466,10 @@ unpack_lzma_stream(transformer_state_t *xstate)
464 if ((int32_t)pos < 0) { 466 if ((int32_t)pos < 0) {
465 pos += header.dict_size; 467 pos += header.dict_size;
466 /* bug 10436 has an example file where this triggers: */ 468 /* bug 10436 has an example file where this triggers: */
467 if ((int32_t)pos < 0) 469 //if ((int32_t)pos < 0)
470 // goto bad;
471 /* more stringent test (see unzip_bad_lzma_1.zip): */
472 if (pos >= buffer_size)
468 goto bad; 473 goto bad;
469 } 474 }
470 previous_byte = buffer[pos]; 475 previous_byte = buffer[pos];
@@ -493,6 +498,12 @@ unpack_lzma_stream(transformer_state_t *xstate)
493 IF_DESKTOP(total_written += buffer_pos;) 498 IF_DESKTOP(total_written += buffer_pos;)
494 if (transformer_write(xstate, buffer, buffer_pos) != (ssize_t)buffer_pos) { 499 if (transformer_write(xstate, buffer, buffer_pos) != (ssize_t)buffer_pos) {
495 bad: 500 bad:
501 /* One of our users, bbunpack(), expects _us_ to emit
502 * the error message (since it's the best place to give
503 * potentially more detailed information).
504 * Do not fail silently.
505 */
506 bb_error_msg("corrupted data");
496 total_written = -1; /* failure */ 507 total_written = -1; /* failure */
497 } 508 }
498 rc_free(rc); 509 rc_free(rc);
diff --git a/archival/libarchive/get_header_ar.c b/archival/libarchive/get_header_ar.c
index 93e071c9f..adcde46d5 100644
--- a/archival/libarchive/get_header_ar.c
+++ b/archival/libarchive/get_header_ar.c
@@ -34,10 +34,6 @@ char FAST_FUNC get_header_ar(archive_handle_t *archive_handle)
34 char raw[60]; 34 char raw[60];
35 struct ar_header formatted; 35 struct ar_header formatted;
36 } ar; 36 } ar;
37#if ENABLE_FEATURE_AR_LONG_FILENAMES
38 static char *ar_long_names;
39 static unsigned ar_long_name_size;
40#endif
41 37
42 /* dont use xread as we want to handle the error ourself */ 38 /* dont use xread as we want to handle the error ourself */
43 if (read(archive_handle->src_fd, ar.raw, 60) != 60) { 39 if (read(archive_handle->src_fd, ar.raw, 60) != 60) {
@@ -81,10 +77,10 @@ char FAST_FUNC get_header_ar(archive_handle_t *archive_handle)
81 * stores long filename for multiple entries, they are stored 77 * stores long filename for multiple entries, they are stored
82 * in static variable long_names for use in future entries 78 * in static variable long_names for use in future entries
83 */ 79 */
84 ar_long_name_size = size; 80 archive_handle->ar__long_name_size = size;
85 free(ar_long_names); 81 free(archive_handle->ar__long_names);
86 ar_long_names = xzalloc(size + 1); 82 archive_handle->ar__long_names = xzalloc(size + 1);
87 xread(archive_handle->src_fd, ar_long_names, size); 83 xread(archive_handle->src_fd, archive_handle->ar__long_names, size);
88 archive_handle->offset += size; 84 archive_handle->offset += size;
89 /* Return next header */ 85 /* Return next header */
90 return get_header_ar(archive_handle); 86 return get_header_ar(archive_handle);
@@ -107,13 +103,13 @@ char FAST_FUNC get_header_ar(archive_handle_t *archive_handle)
107 unsigned long_offset; 103 unsigned long_offset;
108 104
109 /* The number after the '/' indicates the offset in the ar data section 105 /* The number after the '/' indicates the offset in the ar data section
110 * (saved in ar_long_names) that contains the real filename */ 106 * (saved in ar__long_names) that contains the real filename */
111 long_offset = read_num(&ar.formatted.name[1], 10, 107 long_offset = read_num(&ar.formatted.name[1], 10,
112 sizeof(ar.formatted.name) - 1); 108 sizeof(ar.formatted.name) - 1);
113 if (long_offset >= ar_long_name_size) { 109 if (long_offset >= archive_handle->ar__long_name_size) {
114 bb_error_msg_and_die("can't resolve long filename"); 110 bb_error_msg_and_die("can't resolve long filename");
115 } 111 }
116 typed->name = xstrdup(ar_long_names + long_offset); 112 typed->name = xstrdup(archive_handle->ar__long_names + long_offset);
117 } else 113 } else
118#endif 114#endif
119 { 115 {
@@ -127,8 +123,10 @@ char FAST_FUNC get_header_ar(archive_handle_t *archive_handle)
127 archive_handle->action_header(typed); 123 archive_handle->action_header(typed);
128#if ENABLE_DPKG || ENABLE_DPKG_DEB 124#if ENABLE_DPKG || ENABLE_DPKG_DEB
129 if (archive_handle->dpkg__sub_archive) { 125 if (archive_handle->dpkg__sub_archive) {
130 while (archive_handle->dpkg__action_data_subarchive(archive_handle->dpkg__sub_archive) == EXIT_SUCCESS) 126 struct archive_handle_t *sa = archive_handle->dpkg__sub_archive;
127 while (archive_handle->dpkg__action_data_subarchive(sa) == EXIT_SUCCESS)
131 continue; 128 continue;
129 create_symlinks_from_list(sa->symlink_placeholders);
132 } else 130 } else
133#endif 131#endif
134 archive_handle->action_data(archive_handle); 132 archive_handle->action_data(archive_handle);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-30 18:08:20 +0000