From 4ce1cf97a88ae1640a380dd19cbc255d729f966b Mon Sep 17 00:00:00 2001 From: Lasse Collin Date: Mon, 11 Apr 2011 13:21:28 +0300 Subject: liblzma: Validate encoder arguments better. The biggest problem was that the integrity check type wasn't validated, and e.g. lzma_easy_buffer_encode() would create a corrupt .xz Stream if given an unsupported Check ID. Luckily applications don't usually try to use an unsupport Check ID, so this bug is unlikely to cause many real-world problems. --- src/liblzma/common/stream_buffer_encoder.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/liblzma/common/stream_buffer_encoder.c') diff --git a/src/liblzma/common/stream_buffer_encoder.c b/src/liblzma/common/stream_buffer_encoder.c index f727d854..dd23c9af 100644 --- a/src/liblzma/common/stream_buffer_encoder.c +++ b/src/liblzma/common/stream_buffer_encoder.c @@ -51,6 +51,9 @@ lzma_stream_buffer_encode(lzma_filter *filters, lzma_check check, || out_pos_ptr == NULL || *out_pos_ptr > out_size) return LZMA_PROG_ERROR; + if (!lzma_check_is_supported(check)) + return LZMA_UNSUPPORTED_CHECK; + // Note for the paranoids: Index encoder prevents the Stream from // getting too big and still being accepted with LZMA_OK, and Block // encoder catches if the input is too big. So we don't need to -- cgit v1.2.3