[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] Decompressors: fix header validation in unlzma.c



# HG changeset patch
# User Lasse Collin <lasse.collin@xxxxxxxxxxx>
# Date 1321018323 -3600
# Node ID 71abe73298b321ce168cf1a496615d06deb86220
# Parent  7c5eb2265fba5fb33addd0e0f30b77ce4ff17af0
Decompressors: fix header validation in unlzma.c

From: Lasse Collin <lasse.collin@xxxxxxxxxxx>

Validation of header.pos calls error() but doesn't make the function
return to indicate an error to the caller.  Instead the decoding is
attempted with invalid header.pos.  This fixes it.

Signed-off-by: Lasse Collin <lasse.collin@xxxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
Acked-by: Keir Fraser <keir@xxxxxxx>
Committed-by: Jan Beulich <jbeulich@xxxxxxxx>
---


diff -r 7c5eb2265fba -r 71abe73298b3 xen/common/unlzma.c
--- a/xen/common/unlzma.c       Fri Nov 11 14:31:38 2011 +0100
+++ b/xen/common/unlzma.c       Fri Nov 11 14:32:03 2011 +0100
@@ -568,8 +568,10 @@
                ((unsigned char *)&header)[i] = *rc.ptr++;
        }
 
-       if (header.pos >= (9 * 5 * 5))
+       if (header.pos >= (9 * 5 * 5)) {
                error("bad header");
+               goto exit_1;
+       }
 
        mi = 0;
        lc = header.pos;

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.