
Commit dd8f50c

authored
unzip: Unify EOF handling (libarchive#2175)
If EOF is encountered while reading the new filename after choosing 'r', avoid out of boundary access and usage of undefined memory content by treating it the same way as if the question itself was not answered.
1 parent 6ff1cd1 commit dd8f50c

1 file changed

Lines changed: 10 additions & 7 deletions


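--- a/unzip/bsdunzip.c
+++ b/unzip/bsdunzip.c
@@ -484,13 +484,8 @@ handle_existing_file(char **path)
 fprintf(stderr,
 "replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: ",
 *path);
-if (fgets(buf, sizeof(buf), stdin) == NULL) {
-clearerr(stdin);
-printf("NULL\n(EOF or read error, "
-"treating as \"[N]one\"...)\n");
-n_opt = 1;
-return -1;
-}
+if (fgets(buf, sizeof(buf), stdin) == NULL)
+goto stdin_err;
 switch (*buf) {
 case 'A':
 o_opt = 1;
@@ -512,13 +507,21 @@ handle_existing_file(char **path)
 *path = NULL;
 alen = 0;
 len = getline(path, &alen, stdin);
+if (len < 1)
+goto stdin_err;
 if ((*path)[len - 1] == '\n')
 (*path)[len - 1] = '\0';
 return 0;
 default:
 break;
 }
 }
+stdin_err:
+clearerr(stdin);
+printf("NULL\n(EOF or read error, "
+"treating as \"[N]one\"...)\n");
+n_opt = 1;
+return -1;
 }
 
 /*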
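Review bot: On the new `goto stdin_err` taken after `getline`, the original name has already been released and `*path = NULL` executed, so this -1 return hands the caller either NULL or a buffer getline() allocated with unspecified contents, while the `fgets` failure path returns -1 with the original name still intact. The callers are outside this section, so it should be confirmed that none of them reads `*path` after a -1 result; a comment at the label would record that contract, for example `/* via the getline path *path is NULL or an unspecified getline() buffer: callers may only free it */`. Separately, a bare newline gives `len == 1`, passes `if (len < 1)`, and returns 0 with an empty name, which probably deserves a re-prompt rather than being accepted. handle_existing_file begins above the first hunk, so the declarations of `buf`, `len` and `alen` are not visible here.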
