changed/fixed: add some sanity checks to rar code to avoid crashes with corrupt archives.
authorspiff <spiff@xbmc.org>
Tue, 15 Nov 2011 17:05:23 +0000 (18:05 +0100)
committerspiff <spiff@xbmc.org>
Tue, 15 Nov 2011 17:06:15 +0000 (18:06 +0100)
lib/UnrarXLib/rar.cpp
xbmc/filesystem/RarDirectory.cpp

index 89f0f0e..7fe2937 100644 (file)
@@ -345,6 +345,13 @@ int urarlib_list(char *rarfile, ArchiveList_struct **ppList, char *libpassword,
               if (!*ppList)
                 *ppList = pCurr;
               pCurr->item.NameSize = strlen(pArc->NewLhd.FileName);
+              // sanity check - if it fails the archive is likely corrupt
+              if (pCurr->item.NameSize > NM)
+              {
+                File::RemoveCreated();
+                return 0;
+              }
+
               pCurr->item.Name = (char *)malloc(pCurr->item.NameSize + 1);
               strcpy(pCurr->item.Name, pArc->NewLhd.FileName);
               pCurr->item.NameW = (wchar *)malloc((pCurr->item.NameSize + 1)*sizeof(wchar));
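Review bot: The new `return 0` for an oversized name runs after the context line `*ppList = pCurr;`, so when the first entry is rejected the caller is left with a list head whose `item.Name` and `item.NameW` were never assigned. Unless the node is zero-filled where it is allocated (not visible in this hunk), freeing that list later would act on indeterminate pointers. The `return 0` added at the `iOffset` check in the next hunk has a related problem: it reports zero entries while earlier nodes may already be linked, so callers must still free the list on a zero return. Moving the length test ahead of the link, so a rejected entry never becomes reachable, avoids both; if `FileName` is an `NM`-sized array, `if (pCurr->item.NameSize >= NM)` would be the tighter bound. The function body starts and ends outside the hunk.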
@@ -365,6 +372,11 @@ int urarlib_list(char *rarfile, ArchiveList_struct **ppList, char *libpassword,
                 break;
             }
             iOffset = pArc->NextBlockPos;
+            if (iOffset > pArc->FileLength())
+            {
+              File::RemoveCreated();
+              return 0;
+            }
             pArc->SeekToNext();
           }
           if (pCmd->VolSize!=0 && ((pArc->NewLhd.Flags & LHD_SPLIT_AFTER) || (pArc->GetHeaderType()==ENDARC_HEAD && (pArc->EndArcHead.Flags & EARC_NEXT_VOLUME)!=0)))
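Review bot: The added bound on `iOffset` rejects only a next-block position past the end of the file; a corrupt header whose `NextBlockPos` is at or before the current block still passes. Unless the loop outside this hunk guards against that, the listing loop would keep revisiting the same block. Remembering the previous offset and bailing out when it does not increase closes that case, e.g. `if (iOffset <= iPrevOffset || iOffset > pArc->FileLength())`, where `iPrevOffset` is a name made up here for illustration. The declared type of `iOffset` is not visible, so confirm it is as wide as `NextBlockPos` and `FileLength()`; otherwise the comparison is made on a truncated value.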
index c4d9809..1a89fbd 100644 (file)
@@ -71,7 +71,10 @@ namespace XFILE
       return( true);
     }
     else
+    {
+      CLog::Log(LOGWARNING,"%s: rar lib returned no files in archive %s, likely corrupt",__FUNCTION__,strArchive.c_str());
       return( false );
+    }
   }
 
   bool CRarDirectory::Exists(const char* strPath)
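Review bot: The warning text attributes every pass through this `else` to corruption, but the condition guarding it is outside the hunk, and a zero result is presumably also what an empty or unreadable archive produces, so the log line can misdirect triage. A neutral wording such as `"%s: rar lib returned no files in archive %s (empty, unreadable or corrupt)"` keeps the signal without asserting the cause. If `strArchive` can be a network URL carrying embedded credentials, it should be redacted before it is written to the log.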