Libarchive Integer Overflow Vulnerability in WARC File Processing

An integer overflow vulnerability has been identified in the libarchive library, specifically in versions prior to 3.8.0. This vulnerability arises when the library processes Web Archive (WARC) files that claim to contain more than INT64_MAX - 4 content bytes. An attacker could exploit this by crafting a malicious WARC file, leading to potential memory corruption, unpredictable program behavior, or a denial-of-service condition in applications that use libarchive to handle such archives.

Impact

Exploitation of this vulnerability can cause a signed integer overflow, allowing for memory corruption and potentially leading to a denial-of-service condition.

Reproduction

To reproduce this vulnerability, create a WARC file that claims to have more than INT64_MAX - 4 content bytes. When this file is processed by an application using libarchive versions prior to 3.8.0, the integer overflow will occur. This can be tested by modifying the WARC file's metadata to include an exaggerated content length, then using a libarchive-based tool to read the file.

Remediation

Users can upgrade to libarchive version 3.8.0 or later, where this vulnerability has been fixed.