ckolivas/lrzip
1
0
Fork 0
mirror of https://github.com/ckolivas/lrzip.git synced 2025-12-06 07:12:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add sanity checking for chunk data in the file header, fixing stack overflow.

Browse source
This commit is contained in:
Con Kolivas 2018-05-16 17:12:50 +10:00
parent 4893e869e3
commit f12c4a35f9
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lrzip.c
View file

@ -993,12 +993,16 @@ bool get_fileinfo(rzip_control *control)
if (control->major_version == 0 && control->minor_version > 4) { if (control->major_version == 0 && control->minor_version > 4) {
if (unlikely(read(fd_in, &chunk_byte, 1) != 1)) if (unlikely(read(fd_in, &chunk_byte, 1) != 1))
fatal_goto(("Failed to read chunk_byte in get_fileinfo\n"), error); fatal_goto(("Failed to read chunk_byte in get_fileinfo\n"), error);
if (unlikely(chunk_byte < 1 || chunk_byte > 8))
fatal_goto(("Invalid chunk bytes %d\n", chunk_byte), error);
if (control->major_version == 0 && control->minor_version > 5) { if (control->major_version == 0 && control->minor_version > 5) {
if (unlikely(read(fd_in, &control->eof, 1) != 1)) if (unlikely(read(fd_in, &control->eof, 1) != 1))
fatal_goto(("Failed to read eof in get_fileinfo\n"), error); fatal_goto(("Failed to read eof in get_fileinfo\n"), error);
if (unlikely(read(fd_in, &chunk_size, chunk_byte) != chunk_byte)) if (unlikely(read(fd_in, &chunk_size, chunk_byte) != chunk_byte))
fatal_goto(("Failed to read chunk_size in get_fileinfo\n"), error); fatal_goto(("Failed to read chunk_size in get_fileinfo\n"), error);
chunk_size = le64toh(chunk_size); chunk_size = le64toh(chunk_size);
if (unlikely(chunk_size < 0))
fatal_goto(("Invalid chunk size %lld\n", chunk_size), error);
} }
} }