root
/
xz
mirror of https://git.tukaani.org/xz.git
1
0
Fork 0
Code Issues Releases Wiki Activity

lzmainfo: Avoid integer overflow 

The MB output can overflow with huge numbers. Most likely these are
invalid .lzma files anyway, but let's avoid garbage output.

lzmadec was adapted from LZMA Utils. The original code with this bug
was written in 2005, over 19 years ago.

Co-authored-by: Lasse Collin <lasse.collin@tukaani.org>
Closes: https://github.com/tukaani-project/xz/pull/144
(cherry picked from commit 76cfd0a9bb)
This commit is contained in:
Tobias Stoeckmann 2024-09-16 23:19:46 +02:00 committed by Lasse Collin
parent 40a7f163f5
commit aef9a25b32
No known key found for this signature in database
GPG Key ID: 38EE757D69184620
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/lzmainfo/lzmainfo.c
View File

@ -149,8 +149,7 @@ lzmainfo(const char *name, FILE *f)
printf("Unknown");
else
printf("%" PRIu64 " MB (%" PRIu64 " bytes)",
(uncompressed_size + 512 * 1024)
/ (1024 * 1024),
(uncompressed_size / 1024 + 512) / 1024,
uncompressed_size);
lzma_options_lzma *opt = filter.options;
@ -160,7 +159,7 @@ lzmainfo(const char *name, FILE *f)
"Literal context bits (lc): %" PRIu32 "\n"
"Literal pos bits (lp): %" PRIu32 "\n"
"Number of pos bits (pb): %" PRIu32 "\n",
(opt->dict_size + 512 * 1024) / (1024 * 1024),
(opt->dict_size / 1024 + 512) / 1024,
my_log2(opt->dict_size), opt->lc, opt->lp, opt->pb);
free(opt);