Skip to content

Commit 5562545

Browse files
committed
Avoid a read off-by-one error for UTF16 names in RAR archives.
Reported-By: OSS-Fuzz issue 573
1 parent add25e4 commit 5562545

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

Diff for: libarchive/archive_read_support_format_rar.c

+5-1
Original file line numberDiff line numberDiff line change
@@ -1496,7 +1496,11 @@ read_header(struct archive_read *a, struct archive_entry *entry,
14961496
return (ARCHIVE_FATAL);
14971497
}
14981498
filename[filename_size++] = '\0';
1499-
filename[filename_size++] = '\0';
1499+
/*
1500+
* Do not increment filename_size here as the computations below
1501+
* add the space for the terminating NUL explicitly.
1502+
*/
1503+
filename[filename_size] = '\0';
15001504

15011505
/* Decoded unicode form is UTF-16BE, so we have to update a string
15021506
* conversion object for it. */

0 commit comments

Comments
 (0)