diff options
author | Lasse Collin <lasse.collin@tukaani.org> | 2009-04-27 11:26:09 +0300 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2009-04-27 11:26:09 +0300 |
commit | 6ffa14f3b019919dd7c8d3a768606c05f87fe729 (patch) | |
tree | 0dc042b8445eb7f1502a056dc02a13999596f678 /linux | |
parent | 6cb1a9a62fb75707f0255b9e59569d6eac498b57 (diff) | |
download | xz-embedded-6ffa14f3b019919dd7c8d3a768606c05f87fe729.tar.gz |
Define VLI_BYTES_MAX macro and use it in dec_vli().
This makes it possible to use uint32_t as vli_type.
Doing so risks having some integer overflows unless
the caller can ensure that the total amounts of input
and output will stay below 256 MiB.
Diffstat (limited to 'linux')
-rw-r--r-- | linux/lib/xz/xz_dec_stream.c | 5 | ||||
-rw-r--r-- | linux/lib/xz/xz_stream.h | 3 |
2 files changed, 5 insertions, 3 deletions
diff --git a/linux/lib/xz/xz_dec_stream.c b/linux/lib/xz/xz_dec_stream.c index 96e8736..af878c4 100644 --- a/linux/lib/xz/xz_dec_stream.c +++ b/linux/lib/xz/xz_dec_stream.c @@ -189,10 +189,9 @@ static enum xz_ret XZ_FUNC dec_vli(struct xz_dec *s, return XZ_STREAM_END; } - if (s->pos >= 56) - return XZ_DATA_ERROR; - s->pos += 7; + if (s->pos == 7 * VLI_BYTES_MAX) + return XZ_DATA_ERROR; } return XZ_OK; diff --git a/linux/lib/xz/xz_stream.h b/linux/lib/xz/xz_stream.h index de35e67..bb70b09 100644 --- a/linux/lib/xz/xz_stream.h +++ b/linux/lib/xz/xz_stream.h @@ -40,4 +40,7 @@ typedef uint64_t vli_type; #define VLI_MAX ((vli_type)-1 / 2) #define VLI_UNKNOWN ((vli_type)-1) +/* Maximum encoded size of a VLI */ +#define VLI_BYTES_MAX (sizeof(vli_type) * 8 / 7) + #endif |