From 96e31e81ff7928c6cca49c63b033e247e75ddfe3 Mon Sep 17 00:00:00 2001 From: Tim Kientzle Date: Mon, 2 Apr 2007 00:25:11 +0000 Subject: [PATCH] Avoid a potential overflow when 'skip' is larger than a pointer. Thanks to: Joerg Sonnenberger --- lib/libarchive/archive_read_open_memory.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libarchive/archive_read_open_memory.c b/lib/libarchive/archive_read_open_memory.c index e87ef7802127..b32a6f3abf3e 100644 --- a/lib/libarchive/archive_read_open_memory.c +++ b/lib/libarchive/archive_read_open_memory.c @@ -134,7 +134,7 @@ memory_read_skip(struct archive *a, void *client_data, off_t skip) struct read_memory_data *mine = (struct read_memory_data *)client_data; (void)a; /* UNUSED */ - if (mine->buffer + skip > mine->end) + if (skip > mine->end - mine->buffer) skip = mine->end - mine->buffer; /* Round down to block size. */ skip /= mine->read_size;