domain builder: Fix sanity check for gzip size.

author kfraser@localhost.localdomain <kfraser@localhost.localdomain>

Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)

committer kfraser@localhost.localdomain <kfraser@localhost.localdomain>

Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)
author kfraser@localhost.localdomain <kfraser@localhost.localdomain>
Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)
committer kfraser@localhost.localdomain <kfraser@localhost.localdomain>
Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)
diff --git a/tools/libxc/xc_dom_core.c b/tools/libxc/xc_dom_core.c

index d6b4d1d35afe9af5874dc4c7d665dcea826b0eb3..c338498f089fc4d703a68467479ada60717dc321 100644 (file)
--- a/tools/libxc/xc_dom_core.c
+++ b/tools/libxc/xc_dom_core.c
@@ -209,13 +209,13 @@ size_t xc_dom_check_gzip(void *blob, size_t ziplen)
      unsigned char *gzlen;
      size_t unziplen;
  
-    if (strncmp(blob, "\037\213", 2))
+    if ( strncmp(blob, "\037\213", 2) )
          /* not gzipped */
          return 0;
  
      gzlen = blob + ziplen - 4;
      unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
-    if ( (unziplen < ziplen) || (unziplen > (ziplen * 8)) )
+    if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
      {
          xc_dom_printf
              ("%s: size (zip %zd, unzip %zd) looks insane, skip gunzip\n",
author	kfraser@localhost.localdomain <kfraser@localhost.localdomain>
	Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)
committer	kfraser@localhost.localdomain <kfraser@localhost.localdomain>
	Thu, 26 Apr 2007 14:42:49 +0000 (15:42 +0100)