diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2018-04-08 20:02:01 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-04-08 20:05:04 +0200 |
commit | 38ccd6af8abbafff98d458a1c62909acfc09a514 (patch) | |
tree | 1a4158db5c7e5e98111ff99d4a9078d93b4ccfcc /include | |
parent | 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e (diff) | |
download | busybox-38ccd6af8abbafff98d458a1c62909acfc09a514.tar.gz |
bzip2: fix two crashes on corrupted archives
As it turns out, longjmp'ing into freed stack is not healthy...
function old new delta
unpack_usage_messages - 97 +97
unpack_bz2_stream 369 409 +40
get_next_block 1667 1677 +10
get_bits 156 155 -1
start_bunzip 212 183 -29
bb_show_usage 181 120 -61
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/3 up/down: 147/-91) Total: 56 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'include')
-rw-r--r-- | include/bb_archive.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/bb_archive.h b/include/bb_archive.h index a5c61e95b..b437f1920 100644 --- a/include/bb_archive.h +++ b/include/bb_archive.h @@ -210,7 +210,7 @@ const llist_t *find_list_entry2(const llist_t *list, const char *filename) FAST_ /* A bit of bunzip2 internals are exposed for compressed help support: */ typedef struct bunzip_data bunzip_data; -int start_bunzip(bunzip_data **bdp, int in_fd, const void *inbuf, int len) FAST_FUNC; +int start_bunzip(void *, bunzip_data **bdp, int in_fd, const void *inbuf, int len) FAST_FUNC; /* NB: read_bunzip returns < 0 on error, or the number of *unfilled* bytes * in outbuf. IOW: on EOF returns len ("all bytes are not filled"), not 0: */ int read_bunzip(bunzip_data *bd, char *outbuf, int len) FAST_FUNC; |