[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen stable-4.15] xz: validate the value before assigning it to an enum variable

commit cd751c09a5bab9f3529901fbe4d867ad7d52e89d
Author:     Lasse Collin <lasse.collin@xxxxxxxxxxx>
AuthorDate: Thu Mar 10 09:51:29 2022 +0100
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Mar 10 09:51:29 2022 +0100

    xz: validate the value before assigning it to an enum variable
    
    This might matter, for example, if the underlying type of enum xz_check
    was a signed char. In such a case the validation wouldn't have caught an
    unsupported header. I don't know if this problem can occur in the kernel
    on any arch but it's still good to fix it because some people might copy
    the XZ code to their own projects from Linux instead of the upstream
    XZ Embedded repository.
    
    This change may increase the code size by a few bytes. An alternative
    would have been to use an unsigned int instead of enum xz_check but
    using an enumeration looks cleaner.
    
    Link: https://lore.kernel.org/r/20211010213145.17462-3-xiang@xxxxxxxxxx
    Signed-off-by: Lasse Collin <lasse.collin@xxxxxxxxxxx>
    Signed-off-by: Gao Xiang <hsiangkao@xxxxxxxxxxxxxxxxx>
    Origin: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 
4f8d7abaa413
    Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Luca Fancellu <luca.fancellu@xxxxxxx>
    Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
    master commit: 0a21660515c24f09c4ee060ce0bb42e4b2e6b6fa
    master date: 2022-03-07 09:08:54 +0100
---
 xen/common/xz/dec_stream.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/xen/common/xz/dec_stream.c b/xen/common/xz/dec_stream.c
index b8b566307c..e921d46abc 100644
--- a/xen/common/xz/dec_stream.c
+++ b/xen/common/xz/dec_stream.c
@@ -402,12 +402,12 @@ static enum xz_ret INIT dec_stream_header(struct xz_dec 
*s)
         * we will accept other check types too, but then the check won't
         * be verified and a warning (XZ_UNSUPPORTED_CHECK) will be given.
         */
+       if (s->temp.buf[HEADER_MAGIC_SIZE + 1] > XZ_CHECK_MAX)
+               return XZ_OPTIONS_ERROR;
+
        s->check_type = s->temp.buf[HEADER_MAGIC_SIZE + 1];
 
 #ifdef XZ_DEC_ANY_CHECK
-       if (s->check_type > XZ_CHECK_MAX)
-               return XZ_OPTIONS_ERROR;
-
        if (s->check_type > XZ_CHECK_CRC32)
                return XZ_UNSUPPORTED_CHECK;
 #else
--
generated by git-patchbot for /home/xen/git/xen.git#stable-4.15

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.