Decompressors: fix header validation in unlzma.c

From: Lasse Collin <lasse.collin@tukaani.org> Validation of header.pos calls error() but doesn't make the function return to indicate an error to the caller. Instead the decoding is attempted with invalid header.pos. This fixes it. Signed-off-by: Lasse Collin <lasse.collin@tukaani.org> Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Keir Fraser <keir@xen.org> Committed-by: Jan Beulich <jbeulich@suse.com>
author: Lasse Collin <lasse.collin@tukaani.org> 2011-11-11 14:32:03 +0100
committer: Lasse Collin <lasse.collin@tukaani.org> 2011-11-11 14:32:03 +0100
commit: 9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e (patch)
tree: 56c2d5b5b024b886107232fe9c9c52272391464a /xen/common/unlzma.c
parent: b9f2ce10ef5249eefb90354da3b83a66ac58d9c6 (diff)
download: xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.tar.gz
xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.tar.bz2
xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/xen/common/unlzma.c b/xen/common/unlzma.c
index 7ecd161d56..eb3fbba826 100644
--- a/xen/common/unlzma.c
+++ b/xen/common/unlzma.c
@@ -568,8 +568,10 @@ STATIC int INIT unlzma(unsigned char *buf, unsigned int in_len,
 		((unsigned char *)&header)[i] = *rc.ptr++;
 	}
 
-	if (header.pos >= (9 * 5 * 5))
+	if (header.pos >= (9 * 5 * 5)) {
 		error("bad header");
+		goto exit_1;
+	}
 
 	mi = 0;
 	lc = header.pos;
author	Lasse Collin <lasse.collin@tukaani.org>	2011-11-11 14:32:03 +0100
committer	Lasse Collin <lasse.collin@tukaani.org>	2011-11-11 14:32:03 +0100
commit	9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e (patch)
tree	56c2d5b5b024b886107232fe9c9c52272391464a /xen/common/unlzma.c
parent	b9f2ce10ef5249eefb90354da3b83a66ac58d9c6 (diff)
download	xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.tar.gz xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.tar.bz2 xen-9bc32f2d7dc05e3d6e8dc96e30858ea565730f8e.zip