lib/xz: Validate the value before assigning it to an enum variable

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

This might matter, for example, if the underlying type of enum xz_check
was a signed char. In such a case the validation wouldn't have caught an
unsupported header. I don't know if this problem can occur in the kernel
on any arch but it's still good to fix it because some people might copy
the XZ code to their own projects from Linux instead of the upstream
XZ Embedded repository.

This change may increase the code size by a few bytes. An alternative
would have been to use an unsigned int instead of enum xz_check but
using an enumeration looks cleaner.

Link: https://lore.kernel.org/r/20211010213145.17462-3-xiang@kernel.org
Signed-off-by: Lasse Collin <lasse.collin@tukaani.org>
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>

authored by

Lasse Collin and committed by

Gao Xiang 4 years ago 4f8d7aba 83d3c4f2

+3 -3

1 changed file

expand all

lib

xz_dec_stream.c

+3 -3

lib/xz/xz_dec_stream.c

··· 402 402 * we will accept other check types too, but then the check won't 403 403 * be verified and a warning (XZ_UNSUPPORTED_CHECK) will be given. 404 404 */ 405 + if (s->temp.buf[HEADER_MAGIC_SIZE + 1] > XZ_CHECK_MAX) 406 + return XZ_OPTIONS_ERROR; 407 + 405 408 s->check_type = s->temp.buf[HEADER_MAGIC_SIZE + 1]; 406 409 407 410 #ifdef XZ_DEC_ANY_CHECK 408 - if (s->check_type > XZ_CHECK_MAX) 409 - return XZ_OPTIONS_ERROR; 410 - 411 411 if (s->check_type > XZ_CHECK_CRC32) 412 412 return XZ_UNSUPPORTED_CHECK; 413 413 #else