zstream: fail when asked to inflate garbage

When we are provided some input buffer (with a length) to inflate, and it contains more data than simply the deflated data, fail. zlib will helpfully tell us when it is done reading (via Z_STREAM_END), so if there is data leftover in the input buffer, fail lest we continually try to inflate it.
author: Edward Thomson <ethomson@edwardthomson.com> 2015-07-09 18:36:53 -0500
committer: Edward Thomson <ethomson@github.com> 2016-05-26 13:01:04 -0500
commit: b8dc2fdb92c350b786fe4cb27e9b841b794c1e86 (patch)
tree: 1db9221b8a3505fa557d18874e46a0eaa59e7ec7 /src
parent: 5b78dbdbf30d863760936ee6755dfd3db951c1e3 (diff)
download: libgit2-b8dc2fdb92c350b786fe4cb27e9b841b794c1e86.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/zstream.c b/src/zstream.c
index 6533449e8..d9ad4ca89 100644
--- a/src/zstream.c
+++ b/src/zstream.c
@@ -86,6 +86,11 @@ int git_zstream_get_output(void *out, size_t *out_len, git_zstream *zstream)
 	int zflush = Z_FINISH;
 	size_t out_remain = *out_len;
 
+	if (zstream->in_len && zstream->zerr == Z_STREAM_END) {
+		giterr_set(GITERR_ZLIB, "zlib input had trailing garbage");
+		return -1;
+	}
+
 	while (out_remain > 0 && zstream->zerr != Z_STREAM_END) {
 		size_t out_queued, in_queued, out_used, in_used;
author	Edward Thomson <ethomson@edwardthomson.com>	2015-07-09 18:36:53 -0500
committer	Edward Thomson <ethomson@github.com>	2016-05-26 13:01:04 -0500
commit	b8dc2fdb92c350b786fe4cb27e9b841b794c1e86 (patch)
tree	1db9221b8a3505fa557d18874e46a0eaa59e7ec7 /src
parent	5b78dbdbf30d863760936ee6755dfd3db951c1e3 (diff)
download	libgit2-b8dc2fdb92c350b786fe4cb27e9b841b794c1e86.tar.gz