From 767778cf1b621367be5087d47b68af7e97194adb Mon Sep 17 00:00:00 2001
From: Jacob Nevins <jacobn@chiark.greenend.org.uk>
Date: Tue, 1 Mar 2011 23:44:06 +0000
Subject: [PATCH] Add some extra validation to zlib decompression (primarily to
 shut up a GCC 4.6 warning).

[originally from svn r9113]
---
 sshzlib.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sshzlib.c b/sshzlib.c
index 9c801325..cc287240 100644
--- a/sshzlib.c
+++ b/sshzlib.c
@@ -1259,6 +1259,8 @@ int zlib_decompress_block(void *handle, unsigned char *block, int len,
 		goto finished;
 	    nlen = dctx->bits & 0xFFFF;
 	    EATBITS(16);
+	    if (dctx->uncomplen != (nlen ^ 0xFFFF))
+		goto decode_error;
 	    if (dctx->uncomplen == 0)
 		dctx->state = OUTSIDEBLK;	/* block is empty */
 	    else