root/xz
1
0
Fork 0
mirror of https://git.tukaani.org/xz.git synced 2025-11-04 07:22:55 +00:00
Code Issues Releases Wiki Activity

lzmainfo: Avoid integer overflow

Browse Source 
The MB output can overflow with huge numbers. Most likely these are
invalid .lzma files anyway, but let's avoid garbage output.

lzmadec was adapted from LZMA Utils. The original code with this bug
was written in 2005, over 19 years ago.

Co-authored-by: Lasse Collin <lasse.collin@tukaani.org>
Closes: https://github.com/tukaani-project/xz/pull/144
This commit is contained in:
Tobias Stoeckmann 2024-09-16 23:19:46 +02:00 committed by Lasse Collin
parent 78355aebb7
commit 76cfd0a9bb
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/lzmainfo/lzmainfo.c
View File

@ -149,8 +149,7 @@ lzmainfo(const char *name, FILE *f)
printf("Unknown"); printf("Unknown");
else else
printf("%" PRIu64 " MB (%" PRIu64 " bytes)", printf("%" PRIu64 " MB (%" PRIu64 " bytes)",
(uncompressed_size + 512 * 1024) (uncompressed_size / 1024 + 512) / 1024,
/ (1024 * 1024),
uncompressed_size); uncompressed_size);
lzma_options_lzma *opt = filter.options; lzma_options_lzma *opt = filter.options;
@ -160,7 +159,7 @@ lzmainfo(const char *name, FILE *f)
"Literal context bits (lc): %" PRIu32 "\n" "Literal context bits (lc): %" PRIu32 "\n"
"Literal pos bits (lp): %" PRIu32 "\n" "Literal pos bits (lp): %" PRIu32 "\n"
"Number of pos bits (pb): %" PRIu32 "\n", "Number of pos bits (pb): %" PRIu32 "\n",
(opt->dict_size + 512 * 1024) / (1024 * 1024), (opt->dict_size / 1024 + 512) / 1024,
my_log2(opt->dict_size), opt->lc, opt->lp, opt->pb); my_log2(opt->dict_size), opt->lc, opt->lp, opt->pb);
free(opt); free(opt);