diff options
author | Tim Kientzle <kientzle@FreeBSD.org> | 2009-09-08 05:02:41 +0000 |
---|---|---|
committer | Tim Kientzle <kientzle@FreeBSD.org> | 2009-09-08 05:02:41 +0000 |
commit | 466017cf767efdfde89f9dfc0d177aeca0644c1d (patch) | |
tree | aa659235a766562489c5e5df50433c586b4b04bf /lib | |
parent | 26baaf01698f09bd5d5122376dcea458c83b3a04 (diff) | |
download | src-466017cf767efdfde89f9dfc0d177aeca0644c1d.tar.gz src-466017cf767efdfde89f9dfc0d177aeca0644c1d.zip |
Fiz /usr/bin/unzip: A bug deep in libarchive's read-ahead logic
(incorrect handling of zero-length reads before the copy buffer is
allocated) is masked by the iso9660 taster. Tar and cpio both enable
that taster so were protected from the bug; unzip is susceptible.
This both fixes the bug and updates the test harness to exercise
this case.
Submitted by: Ed Schouten diagnosed the bug and drafted a patch
MFC after: 7 days
Notes
Notes:
svn path=/head/; revision=196962
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libarchive/archive_read.c | 7 | ||||
-rw-r--r-- | lib/libarchive/test/test_compat_zip.c | 2 |
2 files changed, 6 insertions, 3 deletions
diff --git a/lib/libarchive/archive_read.c b/lib/libarchive/archive_read.c index 9274d661cc45..fd4f888867bd 100644 --- a/lib/libarchive/archive_read.c +++ b/lib/libarchive/archive_read.c @@ -928,9 +928,12 @@ __archive_read_filter_ahead(struct archive_read_filter *filter, for (;;) { /* - * If we can satisfy from the copy buffer, we're done. + * If we can satisfy from the copy buffer (and the + * copy buffer isn't empty), we're done. In particular, + * note that min == 0 is a perfectly well-defined + * request. */ - if (filter->avail >= min) { + if (filter->avail >= min && filter->avail > 0) { if (avail != NULL) *avail = filter->avail; return (filter->next); diff --git a/lib/libarchive/test/test_compat_zip.c b/lib/libarchive/test/test_compat_zip.c index f60bc4f817aa..fefc6fefabdf 100644 --- a/lib/libarchive/test/test_compat_zip.c +++ b/lib/libarchive/test/test_compat_zip.c @@ -36,7 +36,7 @@ test_compat_zip_1(void) assert((a = archive_read_new()) != NULL); assertEqualIntA(a, ARCHIVE_OK, archive_read_support_compression_all(a)); - assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_all(a)); + assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_zip(a)); extract_reference_file(name); assertEqualIntA(a, ARCHIVE_OK, archive_read_open_filename(a, name, 10240)); |