aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLasse Collin <lasse.collin@tukaani.org>2022-12-08 17:30:09 +0200
committerLasse Collin <lasse.collin@tukaani.org>2022-12-08 17:30:09 +0200
commitac2a747e939c2cbccff7a49c399769af5e02d2ab (patch)
treefbba824a0dbe8aa9cc37cfecb1c686e10ad0a99f /src
parentBump version number for 5.3.5beta. (diff)
downloadxz-ac2a747e939c2cbccff7a49c399769af5e02d2ab.tar.xz
liblzma: Check for unexpected NULL pointers in block_header_decode().
The API docs gave an impression that such checks are done but they actually weren't done. In practice it made little difference since the calling code has a bug if these are NULL. Thanks to Jia Tan for the original patch that checked for block->filters == NULL.
Diffstat (limited to 'src')
-rw-r--r--src/liblzma/common/block_header_decoder.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/liblzma/common/block_header_decoder.c b/src/liblzma/common/block_header_decoder.c
index 9b9408b0..c4935dcf 100644
--- a/src/liblzma/common/block_header_decoder.c
+++ b/src/liblzma/common/block_header_decoder.c
@@ -23,6 +23,10 @@ lzma_block_header_decode(lzma_block *block,
// are invalid or over 63 bits, or if the header is too small
// to contain the claimed information.
+ // Catch unexpected NULL pointers.
+ if (block == NULL || block->filters == NULL || in == NULL)
+ return LZMA_PROG_ERROR;
+
// Initialize the filter options array. This way the caller can
// safely free() the options even if an error occurs in this function.
for (size_t i = 0; i <= LZMA_FILTERS_MAX; ++i) {