From 974ccfc9cab109e3a028a8c015f5f874c8077127 Mon Sep 17 00:00:00 2001
From: Zhao Mengmeng <zhaomengmeng@kylinos.cn>
Date: Tue, 11 Jun 2024 16:33:49 +0800
Subject: [PATCH] Fix CVE-2024-37407

Backport upstream commit:
https://github.com/libarchive/libarchive/commit/b6a979481b7d77c12fa17bbed94576b63bbcb0c0

Signed-off-by: Zhao Mengmeng <zhaomengmeng@kylinos.cn>
---
 backport-CVE-2024-37407.patch | 24 ++++++++++++++++++++++++
 libarchive.spec               |  9 ++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2024-37407.patch

diff --git a/backport-CVE-2024-37407.patch b/backport-CVE-2024-37407.patch
new file mode 100644
index 0000000..43db7a1
--- /dev/null
+++ b/backport-CVE-2024-37407.patch
@@ -0,0 +1,24 @@
+From b6a979481b7d77c12fa17bbed94576b63bbcb0c0 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
+Date: Thu, 25 Apr 2024 09:18:30 +0000
+Subject: [PATCH] zip: Fix out of boundary access (#2145)
+
+If a ZIP file contains a file with an empty name and mac-ext option is
+set, then a check accesses memory out of bound of `name`.
+---
+ libarchive/archive_read_support_format_zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
+index d7b6f082ee..7552a1a1a2 100644
+--- a/libarchive/archive_read_support_format_zip.c
++++ b/libarchive/archive_read_support_format_zip.c
+@@ -4089,7 +4089,7 @@ slurp_central_directory(struct archive_read *a, struct archive_entry* entry,
+ 				 * as the actual resource fork doesn't end with '/'.
+ 				 */
+ 				size_t tmp_length = filename_length;
+-				if (name[tmp_length - 1] == '/') {
++				if (tmp_length > 0 && name[tmp_length - 1] == '/') {
+ 					tmp_length--;
+ 					r = rsrc_basename(name, tmp_length);
+ 				}
diff --git a/libarchive.spec b/libarchive.spec
index 4782ee5..638d249 100644
--- a/libarchive.spec
+++ b/libarchive.spec
@@ -2,7 +2,7 @@
 
 Name:           libarchive
 Version:        3.7.1
-Release:        3
+Release:        4
 Summary:        Multi-format archive and compression library
 License:        BSD
 URL:            https://www.libarchive.org/
@@ -10,6 +10,7 @@ Source0:        https://libarchive.org/downloads/%{name}-%{version}.tar.gz
 
 Patch6000:      backport-CVE-2024-20697-CVE-2024-26256.patch
 Patch6001:      backport-CVE-2024-20696.patch
+Patch6002:      backport-CVE-2024-37407.patch
 
 BuildRequires:  gcc bison sharutils zlib-devel bzip2-devel xz-devel
 BuildRequires:  lzo-devel e2fsprogs-devel libacl-devel libattr-devel
@@ -201,6 +202,12 @@ run_testsuite
 %{_mandir}/*/bsdunzip*
 
 %changelog
+* Tue Jun 11 2024 Zhao Mengmeng <zhaomengmeng@kylinos.cn> - 3.7.1-4
+- Type:CVE
+- CVE:CVE-2024-37407 
+- SUG:NA
+- DESC: fix CVE-2024-37407
+
 * Thu Jun 06 2024 lingsheng <lingsheng1@h-partners.com> - 3.7.1-3
 - Type:CVE
 - ID:CVE-2024-20696
-- 
Gitee