Skip to content

Commit 3ad08e0

Browse files
committed
Issue 717: Fix integer overflow when computing location of volume descriptor
The multiplication here defaulted to 'int' but calculations of file positions should always use int64_t. A simple cast suffices to fix this since the base location is always 32 bits for ISO, so multiplying by the sector size will never overflow a 64-bit integer.
1 parent 05caadc commit 3ad08e0

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

Diff for: libarchive/archive_read_support_format_iso9660.c

+2-2
Original file line numberDiff line numberDiff line change
@@ -1091,7 +1091,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
10911091
/* This condition is unlikely; by way of caution. */
10921092
vd = &(iso9660->joliet);
10931093

1094-
skipsize = LOGICAL_BLOCK_SIZE * vd->location;
1094+
skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
10951095
skipsize = __archive_read_consume(a, skipsize);
10961096
if (skipsize < 0)
10971097
return ((int)skipsize);
@@ -1129,7 +1129,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
11291129
&& iso9660->seenJoliet) {
11301130
/* Switch reading data from primary to joliet. */
11311131
vd = &(iso9660->joliet);
1132-
skipsize = LOGICAL_BLOCK_SIZE * vd->location;
1132+
skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
11331133
skipsize -= iso9660->current_position;
11341134
skipsize = __archive_read_consume(a, skipsize);
11351135
if (skipsize < 0)

0 commit comments

Comments
 (0)