From: Denys Vlasenko Date: Fri, 10 Jan 2014 17:02:38 +0000 (+0100) Subject: tar: tighten up pax header validity check X-Git-Tag: 1_23_0~219 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0f592d7fb94c5887528d0ee24020c2225ab71c28;p=oweals%2Fbusybox.git tar: tighten up pax header validity check function old new delta get_header_tar 1785 1795 +10 Signed-off-by: Denys Vlasenko --- diff --git a/archival/libarchive/get_header_tar.c b/archival/libarchive/get_header_tar.c index 32f842095..54d910431 100644 --- a/archival/libarchive/get_header_tar.c +++ b/archival/libarchive/get_header_tar.c @@ -115,7 +115,9 @@ static void process_pax_hdr(archive_handle_t *archive_handle, unsigned sz, int g */ p += len; sz -= len; - if ((int)sz < 0 + if ( + /** (int)sz < 0 - not good enough for huge malicious VALUE of 2^32-1 */ + (int)(sz|len) < 0 /* this works */ || len == 0 || errno != EINVAL || *end != ' '
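Review bot: In the `@@ -115,7 +115,9 @@` hunk of process_pax_hdr(), the new test `(int)(sz|len) < 0` still runs after `p += len; sz -= len;`, so the pointer and the remaining size have already been adjusted by an unvalidated `len`, and the check depends on unsigned wraparound plus a sign-bit cast to notice it afterwards. Consider doing the bounds comparison before the arithmetic: reject when `len > sz` (alongside the existing `len == 0` test) and only then advance `p` and reduce `sz`. That states the intent directly (record length exceeds what is left in the header) and does not depend on `sz` having been below 2^31 on entry, which the OR-ed sign test silently assumes. If the sign-bit form is kept for code size (the commit message reports +10 bytes), the comment should explain why OR-ing works, namely that it catches both a wrapped `sz` and a `len` with the top bit set, instead of `/* this works */`. The `/**` opener on the first added comment should also be a plain `/*`.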