* lib/zip_source_*: Verify user-supplied data.
--HG--
branch : HEAD
diff --git a/lib/zip_source_data.c b/lib/zip_source_data.c
index 2ed3669..56bf512 100644
--- a/lib/zip_source_data.c
+++ b/lib/zip_source_data.c
@@ -1,5 +1,5 @@
/*
- $NiH: zip_source_data.c,v 1.17 2004/11/17 21:55:13 wiz Exp $
+ $NiH: zip_source_data.c,v 1.1 2004/11/18 15:06:23 wiz Exp $
zip_source_data.c -- create zip data source from buffer
Copyright (C) 1999, 2003, 2004 Dieter Baron and Thomas Klausner
@@ -58,6 +58,9 @@
struct read_data *f;
struct zip_source *zs;
+ if (za == NULL)
+ return NULL;
+
if (len < 0 || (data == NULL && len > 0)) {
_zip_error_set(&za->error, ZIP_ER_INVAL, 0);
return NULL;
diff --git a/lib/zip_source_file.c b/lib/zip_source_file.c
index 52b86bb..8715625 100644
--- a/lib/zip_source_file.c
+++ b/lib/zip_source_file.c
@@ -1,5 +1,5 @@
/*
- $NiH: zip_source_file.c,v 1.14 2004/11/17 21:55:13 wiz Exp $
+ $NiH: zip_source_file.c,v 1.1 2004/11/18 15:06:23 wiz Exp $
zip_source_file.c -- create data source from file
Copyright (C) 1999, 2003, 2004 Dieter Baron and Thomas Klausner
@@ -49,6 +49,14 @@
struct zip_source *zs;
FILE *fp;
+ if (za == NULL)
+ return NULL;
+
+ if (fname == NULL || start < 0 || len < -1) {
+ _zip_error_set(&za->error, ZIP_ER_INVAL, 0);
+ return NULL;
+ }
+
if ((fp=fopen(fname, "rb")) == NULL) {
_zip_error_set(&za->error, ZIP_ER_OPEN, errno);
return NULL;
diff --git a/lib/zip_source_filep.c b/lib/zip_source_filep.c
index 8ebfb3a..71d03b9 100644
--- a/lib/zip_source_filep.c
+++ b/lib/zip_source_filep.c
@@ -1,5 +1,5 @@
/*
- $NiH: zip_source_filep.c,v 1.12 2004/11/17 21:55:13 wiz Exp $
+ $NiH: zip_source_filep.c,v 1.1 2004/11/18 15:06:24 wiz Exp $
zip_source_filep.c -- create data source from FILE *
Copyright (C) 1999, 2003, 2004 Dieter Baron and Thomas Klausner
@@ -62,6 +62,14 @@
struct read_file *f;
struct zip_source *zs;
+ if (za == NULL)
+ return NULL;
+
+ if (file == NULL || start < 0 || len < -1) {
+ _zip_error_set(&za->error, ZIP_ER_INVAL, 0);
+ return NULL;
+ }
+
if ((f=(struct read_file *)malloc(sizeof(struct read_file))) == NULL) {
_zip_error_set(&za->error, ZIP_ER_MEMORY, 0);
return NULL;
diff --git a/lib/zip_source_function.c b/lib/zip_source_function.c
index 083ecfc..746f9e3 100644
--- a/lib/zip_source_function.c
+++ b/lib/zip_source_function.c
@@ -1,5 +1,5 @@
/*
- $NiH: zip_source_function.c,v 1.17 2004/11/17 21:55:13 wiz Exp $
+ $NiH: zip_source_function.c,v 1.1 2004/11/18 15:06:24 wiz Exp $
zip_source_function.c -- create zip data source from callback function
Copyright (C) 1999, 2003, 2004 Dieter Baron and Thomas Klausner
@@ -47,6 +47,9 @@
{
struct zip_source *zs;
+ if (za == NULL)
+ return NULL;
+
if ((zs=malloc(sizeof(*zs))) == NULL) {
_zip_error_set(&za->error, ZIP_ER_MEMORY, 0);
return NULL;
diff --git a/lib/zip_source_zip.c b/lib/zip_source_zip.c
index f3b23cb..02fc3a0 100644
--- a/lib/zip_source_zip.c
+++ b/lib/zip_source_zip.c
@@ -1,5 +1,5 @@
/*
- $NiH: zip_source_zip.c,v 1.24 2004/11/17 21:55:13 wiz Exp $
+ $NiH: zip_source_zip.c,v 1.1 2004/11/18 15:06:24 wiz Exp $
zip_source_zip.c -- create data source from zip file
Copyright (C) 1999, 2003, 2004 Dieter Baron and Thomas Klausner
@@ -59,6 +59,14 @@
struct zip_source *zs;
struct read_zip *p;
+ if (za == NULL)
+ return NULL;
+
+ if (srcza == NULL || start < 0 || len < -1 || srcidx < 0 || srcidx >= srcza->nentry) {
+ _zip_error_set(&za->error, ZIP_ER_INVAL, 0);
+ return NULL;
+ }
+
if ((flags & ZIP_FL_UNCHANGED) == 0
&& ZIP_ENTRY_DATA_CHANGED(srcza->entry+srcidx)) {
_zip_error_set(&za->error, ZIP_ER_CHANGED, 0);
