File CVE-2016-4301.patch of Package libarchive

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2016-4301.patch of Package libarchive

commit 4e002d9a92ecd7cec0fb98b0bedbace8aad81f6e
Author: Jean-Yves Migeon <jeanyves.migeon@free.fr>
Date:   Tue Sep 3 16:12:37 2013 +0200

Add the device parsing logic. It allows mtree's libarchive to
    parse device entries like NetBSD's mtree and its multiple possible
    format: native, 386bsd, 4bsd, bsdos, freebsd, hpux, isc, linux, netbsd,
    osf1, sco, solaris, sunos, svr3, svr4, and ultrix.

Index: libarchive-3.1.2/libarchive/archive_read_support_format_mtree.c
===================================================================
--- libarchive-3.1.2.orig/libarchive/archive_read_support_format_mtree.c
+++ libarchive-3.1.2/libarchive/archive_read_support_format_mtree.c
@@ -1333,12 +1333,12 @@ parse_device(struct archive *a, struct a
 				    "Missing number");
 				return ARCHIVE_WARN;
 			}
-			numbers[argc++] = mtree_atol(&p);
-			if (argc > MAX_PACK_ARGS) {
+			if (argc >= MAX_PACK_ARGS) {
 				archive_set_error(a, ARCHIVE_ERRNO_FILE_FORMAT,
 				    "Too many arguments");
 				return ARCHIVE_WARN;
 			}
+			numbers[argc++] = (unsigned long)mtree_atol(&p);
 		}
 		if (argc < 2) {
 			archive_set_error(a, ARCHIVE_ERRNO_FILE_FORMAT,

Places

File CVE-2016-4301.patch of Package libarchive

Places