summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch
blob: 717a31f0e1f7406a988a481a4adad735665ad9c2 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

From eb7939b24a681a04648a59cdebd386b1e9dc9237 Mon Sep 17 00:00:00 2001
From: Wei-Cheng Pan <legnaleurc@gmail.com>
Date: Tue, 14 May 2024 08:50:44 +0000
Subject: [PATCH] fix: OOB in rar e8 filter (#2135) This patch fixes an
 out-of-bound error in rar e8 filter.

CVE: CVE-2024-26256
Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237]

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
 libarchive/archive_read_support_format_rar.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
index 793e8e9..b8397d0 100644
--- a/libarchive/archive_read_support_format_rar.c
+++ b/libarchive/archive_read_support_format_rar.c
@@ -3624,7 +3624,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz
   uint32_t filesize = 0x1000000;
   uint32_t i;

-  if (length > PROGRAM_WORK_SIZE || length < 4)
+  if (length > PROGRAM_WORK_SIZE || length <= 4)
     return 0;

   for (i = 0; i <= length - 5; i++)
--
2.40.0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-09-23 00:57:06 +0000