lzop: add overflow check

See CVE-2014-4607 http://www.openwall.com/lists/oss-security/2014/06/26/20 function old new delta lzo1x_decompress_safe 1010 1031 +21 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2014-06-30 10:14:34 +0200
committer: Denys Vlasenko <vda.linux@googlemail.com> 2014-06-30 10:14:34 +0200
commit: a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 (patch)
tree: 0c3b2ff86a761578247db504d8e742d55071b4a8 /archival/libarchive/liblzo.h
parent: 1b487ea8a69ac90b530e9ccd161a5b1b21e604c7 (diff)
download: busybox-a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/archival/libarchive/liblzo.h b/archival/libarchive/liblzo.h
index 843997cb9..4596620fe 100644
--- a/archival/libarchive/liblzo.h
+++ b/archival/libarchive/liblzo.h
@@ -76,11 +76,13 @@
 #    define TEST_IP             (ip < ip_end)
 #    define NEED_IP(x) \
             if ((unsigned)(ip_end - ip) < (unsigned)(x))  goto input_overrun
+#    define TEST_IV(x)          if ((x) > (unsigned)0 - (511)) goto input_overrun
 
 #    undef TEST_OP              /* don't need both of the tests here */
 #    define TEST_OP             1
 #    define NEED_OP(x) \
             if ((unsigned)(op_end - op) < (unsigned)(x))  goto output_overrun
+#    define TEST_OV(x)          if ((x) > (unsigned)0 - (511)) goto output_overrun
 
 #define HAVE_ANY_OP 1
author	Denys Vlasenko <vda.linux@googlemail.com>	2014-06-30 10:14:34 +0200
committer	Denys Vlasenko <vda.linux@googlemail.com>	2014-06-30 10:14:34 +0200
commit	a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 (patch)
tree	0c3b2ff86a761578247db504d8e742d55071b4a8 /archival/libarchive/liblzo.h
parent	1b487ea8a69ac90b530e9ccd161a5b1b21e604c7 (diff)
download	busybox-a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3.tar.gz