LibArchive: Make TarInputStream::advance report errors

implicitfield · ADKaster · commit c88d8a21cc0c · 2022-11-13T17:37:26.000-07:00
Fixes this bug that was reported by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52862
diff --git a/Meta/Lagom/Fuzzers/FuzzTar.cpp b/Meta/Lagom/Fuzzers/FuzzTar.cpp
@@ -16,7 +16,7 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
     if (!tar_stream.valid())
         return 0;
 
-    for (; !tar_stream.finished(); tar_stream.advance()) {
+    while (!tar_stream.finished()) {
         auto const& header = tar_stream.header();
 
         if (!header.content_is_like_extended_header())
@@ -33,6 +33,10 @@ extern "C" int LLVMFuzzerTestOneInput(uint8_t const* data, size_t size)
         default:
             return 0;
         }
+
+        auto maybe_error = tar_stream.advance();
+        if (maybe_error.is_error())
+            return 0;
     }
 
     return 0;
diff --git a/Userland/Libraries/LibArchive/TarStream.cpp b/Userland/Libraries/LibArchive/TarStream.cpp
@@ -71,7 +71,7 @@ TarInputStream::TarInputStream(InputStream& stream)
 {
     if (!m_stream.read_or_error(Bytes(&m_header, sizeof(m_header)))) {
         m_finished = true;
-        m_stream.handle_any_error(); // clear out errors so we dont assert
+        m_stream.handle_any_error(); // clear out errors so we don't assert
         return;
     }
     VERIFY(m_stream.discard_or_error(block_size - sizeof(TarFileHeader)));
@@ -82,25 +82,27 @@ static constexpr unsigned long block_ceiling(unsigned long offset)
     return block_size * (1 + ((offset - 1) / block_size));
 }
 
-void TarInputStream::advance()
+ErrorOr<void> TarInputStream::advance()
 {
     if (m_finished)
-        return;
+        return Error::from_string_literal("Attempted to read a finished stream");
 
     m_generation++;
     VERIFY(m_stream.discard_or_error(block_ceiling(m_header.size()) - m_file_offset));
     m_file_offset = 0;
 
     if (!m_stream.read_or_error(Bytes(&m_header, sizeof(m_header)))) {
         m_finished = true;
-        return;
+        m_stream.handle_any_error(); // clear out errors so we don't assert
+        return Error::from_string_literal("Failed to read the header");
     }
     if (!valid()) {
         m_finished = true;
-        return;
+        return {};
     }
 
     VERIFY(m_stream.discard_or_error(block_size - sizeof(TarFileHeader)));
+    return {};
 }
 
 bool TarInputStream::valid() const
diff --git a/Userland/Libraries/LibArchive/TarStream.h b/Userland/Libraries/LibArchive/TarStream.h
@@ -34,7 +34,7 @@ class TarFileStream : public InputStream {
 class TarInputStream {
 public:
     TarInputStream(InputStream&);
-    void advance();
+    ErrorOr<void> advance();
     bool finished() const { return m_finished; }
     bool valid() const;
     TarFileHeader const& header() const { return m_header; }
diff --git a/Userland/Utilities/tar.cpp b/Userland/Utilities/tar.cpp
@@ -98,7 +98,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
             return {};
         };
 
-        for (; !tar_stream.finished(); tar_stream.advance()) {
+        while (!tar_stream.finished()) {
             Archive::TarFileHeader const& header = tar_stream.header();
 
             // Handle meta-entries earlier to avoid consuming the file content stream.
@@ -198,6 +198,10 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
 
             // Non-global headers should be cleared after every file.
             local_overrides.clear();
+
+            auto maybe_error = tar_stream.advance();
+            if (maybe_error.is_error())
+                return maybe_error.error();
         }
         file_stream.close();
 

Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,7 @@ TarInputStream::TarInputStream(InputStream& stream)`
`71`	`71`	`{`
`72`	`72`	`if (!m_stream.read_or_error(Bytes(&m_header, sizeof(m_header)))) {`
`73`	`73`	`m_finished = true;`
`74`		`- m_stream.handle_any_error(); // clear out errors so we dont assert`
	`74`	`+ m_stream.handle_any_error(); // clear out errors so we don't assert`
`75`	`75`	`return;`
`76`	`76`	`}`
`77`	`77`	`VERIFY(m_stream.discard_or_error(block_size - sizeof(TarFileHeader)));`
`@@ -82,25 +82,27 @@ static constexpr unsigned long block_ceiling(unsigned long offset)`
`82`	`82`	`return block_size * (1 + ((offset - 1) / block_size));`
`83`	`83`	`}`
`84`	`84`
`85`		`-void TarInputStream::advance()`
	`85`	`+ErrorOr<void> TarInputStream::advance()`
`86`	`86`	`{`
`87`	`87`	`if (m_finished)`
`88`		`- return;`
	`88`	`+ return Error::from_string_literal("Attempted to read a finished stream");`
`89`	`89`
`90`	`90`	`m_generation++;`
`91`	`91`	`VERIFY(m_stream.discard_or_error(block_ceiling(m_header.size()) - m_file_offset));`
`92`	`92`	`m_file_offset = 0;`
`93`	`93`
`94`	`94`	`if (!m_stream.read_or_error(Bytes(&m_header, sizeof(m_header)))) {`
`95`	`95`	`m_finished = true;`
`96`		`- return;`
	`96`	`+ m_stream.handle_any_error(); // clear out errors so we don't assert`
	`97`	`+ return Error::from_string_literal("Failed to read the header");`
`97`	`98`	`}`
`98`	`99`	`if (!valid()) {`
`99`	`100`	`m_finished = true;`
`100`		`- return;`
	`101`	`+ return {};`
`101`	`102`	`}`
`102`	`103`
`103`	`104`	`VERIFY(m_stream.discard_or_error(block_size - sizeof(TarFileHeader)));`
	`105`	`+ return {};`
`104`	`106`	`}`
`105`	`107`
`106`	`108`	`bool TarInputStream::valid() const`