From 38ccd6af8abbafff98d458a1c62909acfc09a514 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sun, 8 Apr 2018 20:02:01 +0200 Subject: bzip2: fix two crashes on corrupted archives As it turns out, longjmp'ing into freed stack is not healthy... function old new delta unpack_usage_messages - 97 +97 unpack_bz2_stream 369 409 +40 get_next_block 1667 1677 +10 get_bits 156 155 -1 start_bunzip 212 183 -29 bb_show_usage 181 120 -61 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 2/3 up/down: 147/-91) Total: 56 bytes Signed-off-by: Denys Vlasenko --- include/bb_archive.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/bb_archive.h b/include/bb_archive.h index a5c61e95b..b437f1920 100644 --- a/include/bb_archive.h +++ b/include/bb_archive.h @@ -210,7 +210,7 @@ const llist_t *find_list_entry2(const llist_t *list, const char *filename) FAST_ /* A bit of bunzip2 internals are exposed for compressed help support: */ typedef struct bunzip_data bunzip_data; -int start_bunzip(bunzip_data **bdp, int in_fd, const void *inbuf, int len) FAST_FUNC; +int start_bunzip(void *, bunzip_data **bdp, int in_fd, const void *inbuf, int len) FAST_FUNC; /* NB: read_bunzip returns < 0 on error, or the number of *unfilled* bytes * in outbuf. IOW: on EOF returns len ("all bytes are not filled"), not 0: */ int read_bunzip(bunzip_data *bd, char *outbuf, int len) FAST_FUNC; -- cgit v1.2.3