diff options
| author | Ben Wagner <bungeman@chromium.org> | 2022-07-19 13:02:40 -0400 |
|---|---|---|
| committer | Ben Wagner <bungeman@chromium.org> | 2022-07-24 17:02:03 -0400 |
| commit | fc8c6d2786ecba731d77d33fe3b034f581fcbde3 (patch) | |
| tree | 15707c232809d03bc242d8a9d89a2836a0d8dacc /Makefile.am | |
| parent | 1385cd9c5126d9b681b7396ad2f353779ad143ba (diff) | |
| download | libarchive-fc8c6d2786ecba731d77d33fe3b034f581fcbde3.tar.gz | |
Validate entry_bytes_remaining in pax_attribute
The `size` attribute may contain a negative or too large value. Check
the range of the `entry_bytes_remaining` in `pax_attribute` the same way
as `header_common`. The test which is added passes both with and without
this change in a normal debug build. It is necessary to run with
`-fsanitize=undefined` to see that the undefined behavior is avoided.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48467
Diffstat (limited to 'Makefile.am')
| -rw-r--r-- | Makefile.am | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 743aaa0d..3fd2fdbf 100644 --- a/Makefile.am +++ b/Makefile.am @@ -513,6 +513,7 @@ libarchive_test_SOURCES= \ libarchive/test/test_read_format_tar_empty_filename.c \ libarchive/test/test_read_format_tar_empty_with_gnulabel.c \ libarchive/test/test_read_format_tar_filename.c \ + libarchive/test/test_read_format_tar_invalid_pax_size.c \ libarchive/test/test_read_format_tbz.c \ libarchive/test/test_read_format_tgz.c \ libarchive/test/test_read_format_tlz.c \ @@ -905,6 +906,7 @@ libarchive_test_EXTRA_DIST=\ libarchive/test/test_read_format_tar_empty_with_gnulabel.tar.uu \ libarchive/test/test_read_format_tar_empty_pax.tar.Z.uu \ libarchive/test/test_read_format_tar_filename_koi8r.tar.Z.uu \ + libarchive/test/test_read_format_tar_invalid_pax_size.tar.uu \ libarchive/test/test_read_format_ustar_filename_cp866.tar.Z.uu \ libarchive/test/test_read_format_ustar_filename_eucjp.tar.Z.uu \ libarchive/test/test_read_format_ustar_filename_koi8r.tar.Z.uu \ |