From 05ebb55896d10a9737dad9ae0303f7f45489ba6f Mon Sep 17 00:00:00 2001 From: Grzegorz Antoniak Date: Sat, 13 Feb 2021 09:08:13 +0100 Subject: RAR5 reader: fixed out of bounds read in some files Added more range checks in the bit stream reading functions (read_bits_16 and read_bits_32) in order to better guard against out of memory reads. This commit contains a test with OSSFuzz sample #30448. --- Makefile.am | 1 + 1 file changed, 1 insertion(+) (limited to 'Makefile.am') diff --git a/Makefile.am b/Makefile.am index c5796f29..963c9421 100644 --- a/Makefile.am +++ b/Makefile.am @@ -893,6 +893,7 @@ libarchive_test_EXTRA_DIST=\ libarchive/test/test_read_format_rar5_arm_filter_on_window_boundary.rar.uu \ libarchive/test/test_read_format_rar5_different_winsize_on_merge.rar.uu \ libarchive/test/test_read_format_rar5_block_size_is_too_small.rar.uu \ + libarchive/test/test_read_format_rar5_decode_number_out_of_bounds_read.rar.uu \ libarchive/test/test_read_format_raw.bufr.uu \ libarchive/test/test_read_format_raw.data.gz.uu \ libarchive/test/test_read_format_raw.data.Z.uu \ -- cgit v1.2.1