diff options
author | Jeffrey Walton <noloader@gmail.com> | 2017-05-10 18:17:12 -0400 |
---|---|---|
committer | Jeffrey Walton <noloader@gmail.com> | 2017-05-10 18:17:12 -0400 |
commit | 07dbcc3d9644b18e05c1776db2a57fe04d780965 (patch) | |
tree | 3a185d45ca75667c66e86582a0de8fcbc9228e6d /zinflate.cpp | |
parent | e456cd2275bba020e4ee3cc08381f3269df536b0 (diff) | |
download | cryptopp-git-07dbcc3d9644b18e05c1776db2a57fe04d780965.tar.gz |
Add Inflator::BadDistanceErr exception (Issue 414)
The improved validation and excpetion clears the Address Sanitizer and Undefined Behavior Sanitizer findings
Diffstat (limited to 'zinflate.cpp')
-rw-r--r-- | zinflate.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/zinflate.cpp b/zinflate.cpp index 62431771..ee15c945 100644 --- a/zinflate.cpp +++ b/zinflate.cpp @@ -552,12 +552,18 @@ bool Inflator::DecodeBody() case DISTANCE_BITS:
// TODO: this surfaced during fuzzing. What do we do???
CRYPTOPP_ASSERT(m_distance < COUNTOF(distanceExtraBits));
- bits = (m_distance >= COUNTOF(distanceExtraBits)) ? distanceExtraBits[29] : distanceExtraBits[m_distance];
+ if (m_distance >= COUNTOF(distanceExtraBits))
+ throw BadDistanceErr();
+ bits = distanceExtraBits[m_distance];
if (!m_reader.FillBuffer(bits))
{
m_nextDecode = DISTANCE_BITS;
break;
}
+ // TODO: this surfaced during fuzzing. What do we do???
+ CRYPTOPP_ASSERT(m_distance < COUNTOF(distanceStarts));
+ if (m_distance >= COUNTOF(distanceStarts))
+ throw BadDistanceErr();
m_distance = m_reader.GetBits(bits) + distanceStarts[m_distance];
OutputPast(m_literal, m_distance);
}
|