From 52f9ef14b9199a7898c9878863e1fe097845efe9 Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Sat, 9 May 2015 07:13:47 -0700
Subject: [PATCH] Check ph.c_len; CERT-FI 829767
 id:000010,sig:06,src:000000,op:flip1,pos:11584

---
 src/p_mach.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/p_mach.cpp b/src/p_mach.cpp
index b595d537..bb97bc9a 100644
--- a/src/p_mach.cpp
+++ b/src/p_mach.cpp
@@ -1294,7 +1294,7 @@ void PackMachBase<T>::unpack(OutputFile *fo)
     fi->readx(&bhdr, sizeof(bhdr));
     ph.u_len = get_te32(&bhdr.sz_unc);
     ph.c_len = get_te32(&bhdr.sz_cpr);
-    if (file_size < ph.c_len)
+    if (file_size < ph.c_len || ph.c_len == 0 || ph.u_len == 0)
         throwCantUnpack("file header corrupted");
     ph.method = bhdr.b_method;
     ph.filter = bhdr.b_ftid;