File CVE-2025-5917.patch of Package libarchive.39705
From 14f8dca480161a118360955f8958e1dda05a6aba Mon Sep 17 00:00:00 2001
From: Brian Campbell <Brian.Campbell@ed.ac.uk>
Date: Thu, 24 Apr 2025 10:46:40 +0100
Subject: [PATCH] Fix overflow in build_ustar_entry
The calculations for the suffix and prefix can increment the endpoint for a
trailing slash. Hence the limits used should be one lower than the
maximum number of bytes.
---
libarchive/archive_write_set_format_pax.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: libarchive-3.5.1/libarchive/archive_write_set_format_pax.c
===================================================================
--- libarchive-3.5.1.orig/libarchive/archive_write_set_format_pax.c
+++ libarchive-3.5.1/libarchive/archive_write_set_format_pax.c
@@ -1542,7 +1542,7 @@ build_ustar_entry_name(char *dest, const
const char *filename, *filename_end;
char *p;
int need_slash = 0; /* Was there a trailing slash? */
- size_t suffix_length = 99;
+ size_t suffix_length = 98; /* 99 - 1 for trailing slash */
size_t insert_length;
/* Length of additional dir element to be added. */
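Review bot: The new limit `98` (and `154` in the second hunk) is a bare literal whose derivation lives only in a comment, and the comment does not say how this reserved byte relates to the `need_slash` flag declared one line above. Naming the bounds (presumably the ustar name and prefix field limits) would make the off-by-one reasoning checkable, e.g. `enum { USTAR_NAME_MAX = 99, USTAR_PREFIX_MAX = 155 };` followed by `size_t suffix_length = USTAR_NAME_MAX - 1; /* reserve one byte for a re-added trailing '/' */`. The diffstat lists only this one file, so no regression test accompanies the fix; a test that writes entries with names at the boundary lengths under a memory sanitizer would keep the limit from drifting back. The body of build_ustar_entry_name starts and ends outside the hunk.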
@@ -1594,7 +1594,7 @@ build_ustar_entry_name(char *dest, const
/* Step 2: Locate the "prefix" section of the dirname, including
* trailing '/'. */
prefix = src;
- prefix_end = prefix + 155;
+ prefix_end = prefix + 154 /* 155 - 1 for trailing / */;
if (prefix_end > filename)
prefix_end = filename;
while (prefix_end > prefix && *prefix_end != '/')
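Review bot: `prefix_end = prefix + 154` forms the pointer before the clamp on the following line, so if the source name is shorter than 154 bytes the intermediate pointer lies past the buffer, which is undefined behaviour in C even though it is never dereferenced. Whether names that short reach this point depends on code outside the hunk. Assuming `filename` points into the same buffer as `prefix`, clamping by length avoids the problem: `prefix_end = ((size_t)(filename - prefix) > 154) ? prefix + 154 : filename;`. Separately, the comment sits inside the statement and ends in `/ */`, which is easy to misread; `prefix_end = prefix + 154; /* 155 - 1 for trailing '/' */` reads more cleanly. The function body continues outside the hunk.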