From 84d2da6c9dc252f441deb7626c2522202b005d4d Mon Sep 17 00:00:00 2001 From: Lasse Collin Date: Wed, 26 Jun 2013 13:30:57 +0300 Subject: xz: Check the value of lzma_stream_flags.version in --list. It is a no-op for now, but if an old xz version is used together with a newer liblzma that supports something new, then this check becomes important and will stop the old xz from trying to parse files that it won't understand. --- src/xz/list.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/xz/list.c b/src/xz/list.c index 13abd8f7..449c2bc4 100644 --- a/src/xz/list.c +++ b/src/xz/list.c @@ -230,6 +230,20 @@ parse_indexes(xz_file_info *xfi, file_pair *pair) goto error; } + // Check that the Stream Footer doesn't specify something + // that we don't support. This can only happen if the xz + // version is older than liblzma and liblzma supports + // something new. + // + // It is enough to check Stream Footer. Stream Header must + // match when it is compared against Stream Footer with + // lzma_stream_flags_compare(). + if (footer_flags.version != 0) { + message_error("%s: %s", pair->src_name, + message_strm(LZMA_OPTIONS_ERROR)); + goto error; + } + // Check that the size of the Index field looks sane. lzma_vli index_size = footer_flags.backward_size; if ((lzma_vli)(pos) < index_size + LZMA_STREAM_HEADER_SIZE) { -- cgit v1.2.3