busybox/archival/libarchive
Samuel Sapalski f25d254dfd decompress_gunzip: Fix DoS if gzip is corrupt
On certain corrupt gzip files, huft_build will set the error bit on
the result pointer. If afterwards abort_unzip is called huft_free
might run into a segmentation fault or an invalid pointer to
free(p).

In order to mitigate this, we check in huft_free if the error bit
is set and clear it before the linked list is freed.

Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-03-12 10:45:10 +01:00
..
bz decrease paddign: gcc-9.3.1 slaps 32-byte alignment on arrays willy-nilly 2020-11-30 13:03:03 +01:00
unxz dpkg-deb: work around bogus error message when working with XZ compressed packages 2019-10-11 14:11:44 +02:00
common.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
data_align.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
data_extract_all.c tar: add TODO about a bug with non-writable directories on extract 2021-01-01 13:34:25 +01:00
data_extract_to_command.c decrease paddign: gcc-9.3.1 slaps 32-byte alignment on arrays willy-nilly 2020-11-30 13:03:03 +01:00
data_extract_to_stdout.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
data_skip.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
decompress_bunzip2.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
decompress_gunzip.c decompress_gunzip: Fix DoS if gzip is corrupt 2021-03-12 10:45:10 +01:00
decompress_uncompress.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
decompress_unlzma.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
decompress_unxz.c dpkg-deb: work around bogus error message when working with XZ compressed packages 2019-10-11 14:11:44 +02:00
filter_accept_all.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
filter_accept_list_reassign.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
filter_accept_list.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
filter_accept_reject_list.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
find_list_entry.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
get_header_ar.c archival: avoid std namespace for local includes 2020-11-16 13:24:24 +01:00
get_header_cpio.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
get_header_tar_bz2.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
get_header_tar_gz.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
get_header_tar_lzma.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
get_header_tar_xz.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
get_header_tar.c tar: fix fallout of last_char_is(NULL) no longer being allowed 2020-10-02 18:30:53 +02:00
header_list.c rename archive.h to bb_archive.h. no code changes 2011-09-22 12:45:14 +02:00
header_skip.c rename archive.h to bb_archive.h. no code changes 2011-09-22 12:45:14 +02:00
header_verbose_list.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
init_handle.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
Kbuild.src hush: allow hush to run embedded scripts 2018-11-27 16:13:07 +01:00
liblzo.h lzop: add overflow check 2014-06-30 10:14:34 +02:00
lzo1x_1.c
lzo1x_1o.c
lzo1x_9x.c randomconfig fixes 2018-12-27 18:03:20 +01:00
lzo1x_c.c whitespace cleanup. no code changes 2013-01-14 15:57:44 +01:00
lzo1x_d.c lzop: code shrink 2018-02-01 01:41:31 +01:00
open_transformer.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
seek_by_jump.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
seek_by_read.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
unpack_ar_archive.c archival: avoid std namespace for local includes 2020-11-16 13:24:24 +01:00
unsafe_prefix.c whitespace and comment format fixes, no code changes 2017-10-05 14:40:24 +02:00
unsafe_symlink_target.c tar: fix interaction of delayed symlink and hardlink creation 2018-05-22 17:34:31 +02:00