busybox/archival
Samuel Sapalski f25d254dfd decompress_gunzip: Fix DoS if gzip is corrupt
On certain corrupt gzip files, huft_build will set the error bit on
the result pointer. If afterwards abort_unzip is called huft_free
might run into a segmentation fault or an invalid pointer to
free(p).

In order to mitigate this, we check in huft_free if the error bit
is set and clear it before the linked list is freed.

Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-03-12 10:45:10 +01:00
..
libarchive decompress_gunzip: Fix DoS if gzip is corrupt 2021-03-12 10:45:10 +01:00
ar.c help text tweaks 2020-12-18 04:12:51 +01:00
bbunzip_test2.sh add tests for gunzip 2007-10-05 15:27:03 +00:00
bbunzip_test3.sh add tests for gunzip 2007-10-05 15:27:03 +00:00
bbunzip_test.sh add tests for gunzip 2007-10-05 15:27:03 +00:00
bbunzip.c help text tweaks 2020-12-18 04:12:51 +01:00
bzip2.c help text tweaks 2020-12-13 19:04:19 +01:00
Config.src restore documentation on the build config language 2018-06-06 15:16:48 +02:00
cpio.c help text tweaks 2020-12-18 04:12:51 +01:00
dpkg_deb.c help text tweaks 2020-12-18 04:12:51 +01:00
dpkg.c decrease paddign: gcc-9.3.1 slaps 32-byte alignment on arrays willy-nilly 2020-11-30 13:03:03 +01:00
gzip.c gzip: code shrink 2019-09-06 17:59:45 +02:00
Kbuild.src cpio: implement -R/--owner 2015-10-16 17:24:46 +02:00
lzop.c libbb: reduce the overhead of single parameter bb_error_msg() calls 2019-07-02 11:35:03 +02:00
rpm.c libbb: add and use infrastructure for fixed page size optimization 2020-12-14 18:54:30 +01:00
rpm.h *: make GNU licensing statement forms more regular 2010-08-16 20:14:46 +02:00
tar_symlink_attack tar: postpone creation of symlinks with "suspicious" targets. Closes 8411 2017-07-24 17:20:13 +02:00
tar.c tar: expand --help 2020-12-08 16:46:41 +01:00
unzip.c unzip: -d should create the dir 2020-04-29 14:37:21 +02:00