summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--deflate.c6
-rw-r--r--deflate.h1
2 files changed, 6 insertions, 1 deletions
diff --git a/deflate.c b/deflate.c
index ecae0d0..a04f86d 100644
--- a/deflate.c
+++ b/deflate.c
@@ -2441,8 +2441,12 @@ int deflate_decompress_data(deflate_decompress_ctx *dctx,
*/
if (dctx->nbits < 16)
goto finished;
- nlen = dctx->bits & 0xFFFF;
+ nlen = 0xFFFF & ~dctx->bits;
EATBITS(16);
+ if (dctx->uncomplen != (nlen ^ 0xFFFF)) {
+ error = DEFLATE_ERR_UNCOMP_HDR;
+ goto finished;
+ }
if (dctx->uncomplen == 0)
dctx->state = OUTSIDEBLK; /* block is empty */
else
diff --git a/deflate.h b/deflate.h
index 80837f9..6f51407 100644
--- a/deflate.h
+++ b/deflate.h
@@ -150,6 +150,7 @@ int deflate_decompress_data(deflate_decompress_ctx *ctx,
A(DEFLATE_ERR_GZIP_FHCRC, "gzip header specifies disputed FHCRC flag"), \
A(DEFLATE_ERR_SMALL_HUFTABLE, "under-committed Huffman code space"), \
A(DEFLATE_ERR_LARGE_HUFTABLE, "over-committed Huffman code space"), \
+ A(DEFLATE_ERR_UNCOMP_HDR, "wrongly formatted header in uncompressed block"), \
A(DEFLATE_ERR_CHECKSUM, "incorrect data checksum"), \
A(DEFLATE_ERR_INLEN, "incorrect data length"), \
A(DEFLATE_ERR_UNEXPECTED_EOF, "unexpected end of data")
generated by cgit v1.1 at 2026-04-24 22:22:40 +0000