libarchive/CVE-2024-57970.patch

From 82912103214506316bd9990d73f33d743d55f570 Mon Sep 17 00:00:00 2001
From: Tim Kientzle <kientzle@acm.org>
Date: Mon, 9 Dec 2024 21:09:29 -0800
Subject: [PATCH] Handle truncation in the middle of a GNU long linkname
 (#2422)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Thanks to gbdngb12 김동건 for reporting this.

Resolves Issue #2415
---
 libarchive/archive_read_support_format_tar.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c
index 4aaf1b90ce..b1344ae57d 100644
--- a/libarchive/archive_read_support_format_tar.c
+++ b/libarchive/archive_read_support_format_tar.c
@@ -1146,7 +1146,9 @@ header_gnu_longlink(struct archive_read *a, struct tar *tar,
 	struct archive_string linkpath;
 	archive_string_init(&linkpath);
 	err = read_body_to_string(a, tar, &linkpath, h, unconsumed);
-	archive_entry_set_link(entry, linkpath.s);
+	if (err == ARCHIVE_OK) {
+		archive_entry_set_link(entry, linkpath.s);
+	}
 	archive_string_free(&linkpath);
 	return (err);
 }