ISO reader: fix possible heap buffer overflow in read_children()

OSS-Fuzz issue: 38764 Fixes #1685
author: Martin Matuska <martin@matuska.org> 2022-03-30 21:14:00 +0200
committer: Martin Matuska <martin@matuska.org> 2022-03-30 23:41:14 +0200
commit: 9ad5f077491b9536f01dadca1724385c39cd7613 (patch)
tree: d719332ec3762332baa5e305946ce0ab541e8396
parent: cfaa28168a07ea4a53276b63068f94fce37d6aff (diff)
download: libarchive-9ad5f077491b9536f01dadca1724385c39cd7613.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archive_read_support_format_iso9660.c
index db14d41d..cd7f92f4 100644
--- a/libarchive/archive_read_support_format_iso9660.c
+++ b/libarchive/archive_read_support_format_iso9660.c
@@ -1007,7 +1007,8 @@ read_children(struct archive_read *a, struct file_info *parent)
 		p = b;
 		b += iso9660->logical_block_size;
 		step -= iso9660->logical_block_size;
-		for (; *p != 0 && p < b && p + *p <= b; p += *p) {
+		for (; *p != 0 && p + DR_name_offset < b && p + *p <= b;
+			p += *p) {
 			struct file_info *child;
 
 			/* N.B.: these special directory identifiers
author	Martin Matuska <martin@matuska.org>	2022-03-30 21:14:00 +0200
committer	Martin Matuska <martin@matuska.org>	2022-03-30 23:41:14 +0200
commit	9ad5f077491b9536f01dadca1724385c39cd7613 (patch)
tree	d719332ec3762332baa5e305946ce0ab541e8396
parent	cfaa28168a07ea4a53276b63068f94fce37d6aff (diff)
download	libarchive-9ad5f077491b9536f01dadca1724385c39cd7613.tar.gz