1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 15:07:45 +00:00

LibArchive: Make get_field_as_integral error out on non-octal input

Fixes this bug that was reported by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52493
This commit is contained in:
implicitfield 2022-11-11 18:31:45 +02:00 committed by Andrew Kaster
parent c88d8a21cc
commit 58e9262ff1
4 changed files with 54 additions and 19 deletions

View file

@ -25,7 +25,12 @@ size_t TarFileStream::read(Bytes bytes)
if (has_any_error())
return 0;
auto to_read = min(bytes.size(), m_tar_stream.header().size() - m_tar_stream.m_file_offset);
auto header_size_or_error = m_tar_stream.header().size();
if (header_size_or_error.is_error())
return 0;
auto header_size = header_size_or_error.release_value();
auto to_read = min(bytes.size(), header_size - m_tar_stream.m_file_offset);
auto nread = m_tar_stream.m_stream.read(bytes.trim(to_read));
m_tar_stream.m_file_offset += nread;
@ -37,8 +42,13 @@ bool TarFileStream::unreliable_eof() const
// verify that the stream has not advanced
VERIFY(m_tar_stream.m_generation == m_generation);
auto header_size_or_error = m_tar_stream.header().size();
if (header_size_or_error.is_error())
return true;
auto header_size = header_size_or_error.release_value();
return m_tar_stream.m_stream.unreliable_eof()
|| m_tar_stream.m_file_offset >= m_tar_stream.header().size();
|| m_tar_stream.m_file_offset >= header_size;
}
bool TarFileStream::read_or_error(Bytes bytes)
@ -59,7 +69,12 @@ bool TarFileStream::discard_or_error(size_t count)
// verify that the stream has not advanced
VERIFY(m_tar_stream.m_generation == m_generation);
if (count > m_tar_stream.header().size() - m_tar_stream.m_file_offset) {
auto header_size_or_error = m_tar_stream.header().size();
if (header_size_or_error.is_error())
return false;
auto header_size = header_size_or_error.release_value();
if (count > header_size - m_tar_stream.m_file_offset) {
return false;
}
m_tar_stream.m_file_offset += count;
@ -88,7 +103,13 @@ ErrorOr<void> TarInputStream::advance()
return Error::from_string_literal("Attempted to read a finished stream");
m_generation++;
VERIFY(m_stream.discard_or_error(block_ceiling(m_header.size()) - m_file_offset));
auto header_size_or_error = m_header.size();
if (header_size_or_error.is_error())
return header_size_or_error.release_error();
auto header_size = header_size_or_error.release_value();
VERIFY(m_stream.discard_or_error(block_ceiling(header_size) - m_file_offset));
m_file_offset = 0;
if (!m_stream.read_or_error(Bytes(&m_header, sizeof(m_header)))) {
@ -116,7 +137,10 @@ bool TarInputStream::valid() const
return false;
// POSIX.1-1988 tar does not have magic numbers, so we also need to verify the header checksum.
return header().checksum() == header().expected_checksum();
if (header().checksum().is_error())
return false;
return header().checksum().release_value() == header().expected_checksum();
}
TarFileStream TarInputStream::file_contents()