git: 2c614481fd52 - main - unzip: Fix segmentation fault if a zip file contains buggy filename.

From: Yoshihiro Takahashi <nyan_at_FreeBSD.org>
Date: Sun, 10 Oct 2021 11:50:48 UTC
The branch main has been updated by nyan:

URL: https://cgit.FreeBSD.org/src/commit/?id=2c614481fd5248c1685e713f67d40cf2d5fba494

commit 2c614481fd5248c1685e713f67d40cf2d5fba494
Author:     Yoshihiro Takahashi <nyan@FreeBSD.org>
AuthorDate: 2021-10-10 11:49:19 +0000
Commit:     Yoshihiro Takahashi <nyan@FreeBSD.org>
CommitDate: 2021-10-10 11:49:19 +0000

    unzip: Fix segmentation fault if a zip file contains buggy filename.
    
    PR:             259011
    Reported by:    Robert Morris
    Submitted by:   ak
    MFC after::     1 week
---
 usr.bin/unzip/unzip.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/usr.bin/unzip/unzip.c b/usr.bin/unzip/unzip.c
index e5ca1ff2c939..0b564b0f08ec 100644
--- a/usr.bin/unzip/unzip.c
+++ b/usr.bin/unzip/unzip.c
@@ -211,6 +211,9 @@ pathdup(const char *path)
 	char *str;
 	size_t i, len;
 
+	if (path == NULL || path[0] == '\0')
+		return (NULL);
+
 	len = strlen(path);
 	while (len && path[len - 1] == '/')
 		len--;
@@ -697,7 +700,11 @@ extract(struct archive *a, struct archive_entry *e)
 	mode_t filetype;
 	char *p, *q;
 
-	pathname = pathdup(archive_entry_pathname(e));
+	if ((pathname = pathdup(archive_entry_pathname(e))) == NULL) {
+		warningx("skipping empty or unreadable filename entry");
+		ac(archive_read_data_skip(a));
+		return;
+	}
 	filetype = archive_entry_filetype(e);
 
 	/* sanity checks */
@@ -760,7 +767,11 @@ extract_stdout(struct archive *a, struct archive_entry *e)
 	char *pathname;
 	mode_t filetype;
 
-	pathname = pathdup(archive_entry_pathname(e));
+	if ((pathname = pathdup(archive_entry_pathname(e))) == NULL) {
+		warningx("skipping empty or unreadable filename entry");
+		ac(archive_read_data_skip(a));
+		return;
+	}
 	filetype = archive_entry_filetype(e);
 
 	/* I don't think this can happen in a zipfile.. */