24 lines
1.3 KiB
Diff
24 lines
1.3 KiB
Diff
# This patch originally consisted of 3 hunks on the upstream:
|
|
# https://github.com/libarchive/libarchive/pull/2898/changes/e1907c5832b6489c7b4198b0825f857c93a03c10
|
|
# https://github.com/libarchive/libarchive/pull/2898/changes/d379dc0b2976b7207d1ad78f5ed3eb99a5b6d375
|
|
# but only the first hunk needs to be backported since the
|
|
# logic fix the second hunk provides does not need to be added
|
|
# as the logic is still correct in the current version of libarchive (3.3.3)
|
|
# thus the vulnerability in the code does not yet exist
|
|
#
|
|
# the third hunk of the patch is not needed either as the part of
|
|
# the code which contains the vulnerability is not yet present in this version (3.3.3)
|
|
diff -Naur libarchive-3.3.3/libarchive/archive_read_support_format_rar.c libarchive-3.3.3_patched/libarchive/archive_read_support_format_rar.c
|
|
--- libarchive-3.3.3/libarchive/archive_read_support_format_rar.c 2018-09-02 08:05:18.000000000 +0200
|
|
+++ libarchive-3.3.3_patched/libarchive/archive_read_support_format_rar.c 2026-04-09 08:54:50.569789984 +0200
|
|
@@ -2288,7 +2288,8 @@
|
|
return (r);
|
|
}
|
|
|
|
- if (!rar->dictionary_size || !rar->lzss.window)
|
|
+ if (!rar->dictionary_size || !rar->lzss.window ||
|
|
+ (unsigned int)(rar->lzss.mask + 1) < rar->dictionary_size)
|
|
{
|
|
/* Seems as though dictionary sizes are not used. Even so, minimize
|
|
* memory usage as much as possible.
|