WARC reader: skip whitespace and check for first digit in _warc_rdlen()
Fixes possible heap-buffer-overflow.
Reported-By: OSS-Fuzz issue 552
diff --git a/libarchive/archive_read_support_format_warc.c b/libarchive/archive_read_support_format_warc.c
index 3f15098..5e22438 100644
--- a/libarchive/archive_read_support_format_warc.c
+++ b/libarchive/archive_read_support_format_warc.c
@@ -730,7 +730,12 @@
return -1;
}
- /* strtol kindly overreads whitespace for us, so use that */
+ /* skip leading whitespace */
+ while (val < eol && isblank(*val))
+ val++;
+ /* there must be at least one digit */
+ if (!isdigit(*val))
+ return -1;
len = strtol(val, &on, 10);
if (on != eol) {
/* line must end here */