Overview

File 0001-warc-Prevent-signed-integer-overflow-2568.patch of Package xtrabackup.19025

--- a/storage/innobase/xtrabackup/src/libarchive/libarchive/archive_read_support_format_warc.c
+++ b/storage/innobase/xtrabackup/src/libarchive/libarchive/archive_read_support_format_warc.c
@@ -363,7 +363,8 @@ start_over:
 		/* FALLTHROUGH */
 	default:
 		/* consume the content and start over */
-		_warc_skip(a);
+		if (_warc_skip(a) < 0)
+			return (ARCHIVE_FATAL);
 		goto start_over;
 	}
 	return (ARCHIVE_OK);
@@ -411,7 +412,9 @@ _warc_skip(struct archive_read *a)
 {
 	struct warc_s *w = a->format->data;
 
-	__archive_read_consume(a, w->cntlen + 4U/*\r\n\r\n separator*/);
+	if (__archive_read_consume(a, w->cntlen) < 0 ||
+		__archive_read_consume(a, 4U/*\r\n\r\n separator*/) < 0)
+		return (ARCHIVE_FATAL);
 	w->cntlen = 0U;
 	w->cntoff = 0U;
 	return (ARCHIVE_OK);
openSUSE Build Service is sponsored by
Places