[PATCH] libarchive: fix bug1066

[Andrej Valek <andrej.valek@siemens.com>]

Fix out of bounds read on empty string filename for guntar, pax and v7tar

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
---
 .../libarchive/libarchive/bug1066.patch            | 54 ++++++++++++++++++++++
 .../libarchive/libarchive_3.3.3.bb                 |  1 +
 2 files changed, 55 insertions(+)
 create mode 100644 meta/recipes-extended/libarchive/libarchive/bug1066.patch

diff --git a/meta/recipes-extended/libarchive/libarchive/bug1066.patch b/meta/recipes-extended/libarchive/libarchive/bug1066.patch
new file mode 100644
index 0000000000..0a662b57b4
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/bug1066.patch
@@ -0,0 +1,54 @@
+libarchive-3.3.3: Fix bug1066
+
+[No upstream tracking] -- https://github.com/libarchive/libarchive/pull/1066
+
+archive_write_set_format_*.c: fix out of bounds read on empty string () filename
+for guntar, pax and v7tar
+
+There is an out of bounds read flaw in the archive_write_gnutar_header,
+archive_write_pax_header and archive_write_v7tar_header functions which
+could leds to cause a denial of service.
+
+Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/c246ec5d058a3f70a2d3fb765f92fe9db77b25df]
+Bug: 1066
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+
+diff --git a/libarchive/archive_write_set_format_gnutar.c b/libarchive/archive_write_set_format_gnutar.c
+index 2d858c9..1966c53 100644
+--- a/libarchive/archive_write_set_format_gnutar.c
++++ b/libarchive/archive_write_set_format_gnutar.c
+@@ -339,7 +339,7 @@ archive_write_gnutar_header(struct archive_write *a,
+ 		 * case getting WCS failed. On POSIX, this is a
+ 		 * normal operation.
+ 		 */
+-		if (p != NULL && p[strlen(p) - 1] != '/') {
++		if (p != NULL && p[0] != '\0' && p[strlen(p) - 1] != '/') {
+ 			struct archive_string as;
+ 
+ 			archive_string_init(&as);
+diff --git a/libarchive/archive_write_set_format_pax.c b/libarchive/archive_write_set_format_pax.c
+index 6a301ac..4cfa8ff 100644
+--- a/libarchive/archive_write_set_format_pax.c
++++ b/libarchive/archive_write_set_format_pax.c
+@@ -660,7 +660,7 @@ archive_write_pax_header(struct archive_write *a,
+ 			 * case getting WCS failed. On POSIX, this is a
+ 			 * normal operation.
+ 			 */
+-			if (p != NULL && p[strlen(p) - 1] != '/') {
++			if (p != NULL && p[0] != '\0' && p[strlen(p) - 1] != '/') {
+ 				struct archive_string as;
+ 
+ 				archive_string_init(&as);
+diff --git a/libarchive/archive_write_set_format_v7tar.c b/libarchive/archive_write_set_format_v7tar.c
+index 62b1522..53c0db0 100644
+--- a/libarchive/archive_write_set_format_v7tar.c
++++ b/libarchive/archive_write_set_format_v7tar.c
+@@ -284,7 +284,7 @@ archive_write_v7tar_header(struct archive_write *a, struct archive_entry *entry)
+ 		 * case getting WCS failed. On POSIX, this is a
+ 		 * normal operation.
+ 		 */
+-		if (p != NULL && p[strlen(p) - 1] != '/') {
++		if (p != NULL && p[0] != '\0' && p[strlen(p) - 1] != '/') {
+ 			struct archive_string as;
+ 
+ 			archive_string_init(&as);
diff --git a/meta/recipes-extended/libarchive/libarchive_3.3.3.bb b/meta/recipes-extended/libarchive/libarchive_3.3.3.bb
index eabab16770..46a3d43762 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.3.3.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.3.3.bb
@@ -33,6 +33,7 @@ EXTRA_OECONF += "--enable-largefile"
 
 SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
            file://non-recursive-extract-and-list.patch \
+           file://bug1066.patch \
 "
 
 SRC_URI[md5sum] = "4038e366ca5b659dae3efcc744e72120"
-- 
2.11.0