|
|
995285 |
From 3ad08e01b4d253c66ae56414886089684155af22 Mon Sep 17 00:00:00 2001
|
|
|
995285 |
From: Tim Kientzle <kientzle@acm.org>
|
|
|
995285 |
Date: Sun, 19 Jun 2016 14:34:37 -0700
|
|
|
995285 |
Subject: [PATCH] Issue 717: Fix integer overflow when computing location of
|
|
|
995285 |
volume descriptor
|
|
|
995285 |
|
|
|
995285 |
The multiplication here defaulted to 'int' but calculations
|
|
|
995285 |
of file positions should always use int64_t. A simple cast
|
|
|
995285 |
suffices to fix this since the base location is always 32 bits
|
|
|
995285 |
for ISO, so multiplying by the sector size will never overflow
|
|
|
995285 |
a 64-bit integer.
|
|
|
995285 |
---
|
|
|
995285 |
libarchive/archive_read_support_format_iso9660.c | 4 ++--
|
|
|
995285 |
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
995285 |
|
|
|
995285 |
diff --git a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archive_read_support_format_iso9660.c
|
|
|
995285 |
index 6934cee..f41ba38 100644
|
|
|
995285 |
--- a/libarchive/archive_read_support_format_iso9660.c
|
|
|
995285 |
+++ b/libarchive/archive_read_support_format_iso9660.c
|
|
|
995285 |
@@ -1091,7 +1091,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
|
|
|
995285 |
/* This condition is unlikely; by way of caution. */
|
|
|
995285 |
vd = &(iso9660->joliet);
|
|
|
995285 |
|
|
|
995285 |
- skipsize = LOGICAL_BLOCK_SIZE * vd->location;
|
|
|
995285 |
+ skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
|
|
|
995285 |
skipsize = __archive_read_consume(a, skipsize);
|
|
|
995285 |
if (skipsize < 0)
|
|
|
995285 |
return ((int)skipsize);
|
|
|
995285 |
@@ -1129,7 +1129,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
|
|
|
995285 |
&& iso9660->seenJoliet) {
|
|
|
995285 |
/* Switch reading data from primary to joliet. */
|
|
|
995285 |
vd = &(iso9660->joliet);
|
|
|
995285 |
- skipsize = LOGICAL_BLOCK_SIZE * vd->location;
|
|
|
995285 |
+ skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
|
|
|
995285 |
skipsize -= iso9660->current_position;
|
|
|
995285 |
skipsize = __archive_read_consume(a, skipsize);
|
|
|
995285 |
if (skipsize < 0)
|
|
|
995285 |
--
|
|
|
995285 |
2.7.4
|
|
|
995285 |
|