CVE-2015-8035 Fix XZ compression support loopCVE-2015-8035

For https://bugzilla.gnome.org/show_bug.cgi?id=757466 DoS when parsing specially crafted XML document if XZ support is compiled in (which wasn't the case for 2.9.2 and master since Nov 2013, fixed in next commit !)
author: Daniel Veillard <veillard@redhat.com> 2015-11-03 15:31:25 +0800
committer: Daniel Veillard <veillard@redhat.com> 2015-11-03 15:31:25 +0800
commit: f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 (patch)
tree: 08b743f6f7ebe217a8ae57ef3e631aa0b968e0eb
parent: e724879d964d774df9b7969fc846605aa1bac54c (diff)
download: libxml2-f0709e3ca8f8947f2d91ed34e92e38a4c23eae63.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/xzlib.c b/xzlib.c
index 0dcb9f48..1fab5463 100644
--- a/xzlib.c
+++ b/xzlib.c
@@ -581,6 +581,10 @@ xz_decomp(xz_statep state)
             xz_error(state, LZMA_DATA_ERROR, "compressed data error");
             return -1;
         }
+        if (ret == LZMA_PROG_ERROR) {
+            xz_error(state, LZMA_PROG_ERROR, "compression error");
+            return -1;
+        }
     } while (strm->avail_out && ret != LZMA_STREAM_END);
 
     /* update available output and crc check value */
author	Daniel Veillard <veillard@redhat.com>	2015-11-03 15:31:25 +0800
committer	Daniel Veillard <veillard@redhat.com>	2015-11-03 15:31:25 +0800
commit	f0709e3ca8f8947f2d91ed34e92e38a4c23eae63 (patch)
tree	08b743f6f7ebe217a8ae57ef3e631aa0b968e0eb
parent	e724879d964d774df9b7969fc846605aa1bac54c (diff)
download	libxml2-f0709e3ca8f8947f2d91ed34e92e38a4c23eae63.tar.gz