Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
libarchive.2786
CVE-2016-4302.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2016-4302.patch of Package libarchive.2786
commit 05caadc7eedbef471ac9610809ba683f0c698700 Author: Tim Kientzle <kientzle@acm.org> Date: Sun Jun 19 14:21:42 2016 -0700 Issue 719: Fix for TALOS-CAN-154 A RAR file with an invalid zero dictionary size was not being rejected, leading to a zero-sized allocation for the dictionary storage which was then overwritten during the dictionary initialization. Thanks to the Open Source and Threat Intelligence project at Cisco for reporting this. Index: libarchive-3.1.2/libarchive/archive_read_support_format_rar.c =================================================================== --- libarchive-3.1.2.orig/libarchive/archive_read_support_format_rar.c +++ libarchive-3.1.2/libarchive/archive_read_support_format_rar.c @@ -2077,6 +2077,12 @@ parse_codes(struct archive_read *a) rar->range_dec.Stream = &rar->bytein; __archive_ppmd7_functions.Ppmd7_Construct(&rar->ppmd7_context); + if (rar->dictionary_size == 0) { + archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, + "Invalid zero dictionary size"); + return (ARCHIVE_FATAL); + } + if (!__archive_ppmd7_functions.Ppmd7_Alloc(&rar->ppmd7_context, rar->dictionary_size, &g_szalloc)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
