git: 8342c11f27eb - stable/11 - libarchive: merge vendor bugfix

From: Martin Matuska <mm_at_FreeBSD.org>
Date: Wed, 23 Feb 2022 12:36:09 UTC
The branch stable/11 has been updated by mm:

URL: https://cgit.FreeBSD.org/src/commit/?id=8342c11f27ebf504e25a00daad3351e1a508a774

commit 8342c11f27ebf504e25a00daad3351e1a508a774
Author:     Martin Matuska <mm@FreeBSD.org>
AuthorDate: 2022-02-21 11:06:54 +0000
Commit:     Martin Matuska <mm@FreeBSD.org>
CommitDate: 2022-02-23 11:37:34 +0000

    libarchive: merge vendor bugfix
    
    OSS-Fuzz #44843 (security):
    RAR reader: fix null-dereference in RAR (v4) filter code
    
    (cherry picked from commit 5ccf909af9c1117172ff0742515da2d2e0cef89e)
---
 .../libarchive/libarchive/archive_read_support_format_rar.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/contrib/libarchive/libarchive/archive_read_support_format_rar.c b/contrib/libarchive/libarchive/archive_read_support_format_rar.c
index 388484a76809..7a7318522650 100644
--- a/contrib/libarchive/libarchive/archive_read_support_format_rar.c
+++ b/contrib/libarchive/libarchive/archive_read_support_format_rar.c
@@ -3328,20 +3328,25 @@ run_filters(struct archive_read *a)
   struct rar *rar = (struct rar *)(a->format->data);
   struct rar_filters *filters = &rar->filters;
   struct rar_filter *filter = filters->stack;
-  size_t start = filters->filterstart;
-  size_t end = start + filter->blocklength;
+  size_t start, end;
   int64_t tend;
   uint32_t lastfilteraddress;
   uint32_t lastfilterlength;
   int ret;
 
+  if (filters == NULL || filter == NULL)
+    return (0);
+
+  start = filters->filterstart;
+  end = start + filter->blocklength;
+
   filters->filterstart = INT64_MAX;
   tend = (int64_t)end;
   ret = expand(a, &tend);
   if (ret != ARCHIVE_OK)
-    return (ret);
+    return 0;
   if (tend < 0)
-    return (ARCHIVE_FATAL);
+    return 0;
   end = (size_t)tend;
   if (end != start + filter->blocklength)
     return 0;