libarchive: Fix string concatentation in Windows mktemp implementation

Port upstream LibArchive commit "compute string pointers after
concatenation" (2014-09-25) and commit "Move variables to top of
function for non-C99 compilers" (2014-11-15) to our CMake copy.
Otherwise we may compute a pointer to memory that is about to be freed
and then compute a bad size to give to CryptGenRandom.

Inspired-by: Tim Kientzle <kientzle@gmail.com>
This commit is contained in:
Tim Kientzle 2014-09-25 18:51:57 -07:00 committed by Brad King
parent 732d8a467a
commit 1f33b45d5d
1 changed files with 5 additions and 3 deletions

View File

@ -249,6 +249,8 @@ __archive_errx(int retvalue, const char *msg)
int
__archive_mktemp(const char *tmpdir)
{
static const wchar_t *prefix = L"libarchive_";
static const wchar_t *suffix = L"XXXXXXXXXX";
static const wchar_t num[] = {
L'0', L'1', L'2', L'3', L'4', L'5', L'6', L'7',
L'8', L'9', L'A', L'B', L'C', L'D', L'E', L'F',
@ -323,10 +325,10 @@ __archive_mktemp(const char *tmpdir)
/*
* Create a temporary file.
*/
archive_wstrcat(&temp_name, L"libarchive_");
xp = temp_name.s + archive_strlen(&temp_name);
archive_wstrcat(&temp_name, L"XXXXXXXXXX");
archive_wstrcat(&temp_name, prefix);
archive_wstrcat(&temp_name, suffix);
ep = temp_name.s + archive_strlen(&temp_name);
xp = ep - wcslen(suffix);
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
CRYPT_VERIFYCONTEXT)) {