From 82a51f35ea84ce66c344c0d59c9fb9140a739f63 Mon Sep 17 00:00:00 2001
From: John Reiser
Date: Fri, 8 May 2015 19:22:24 -0700
Subject: [PATCH] Validate header CERT_FI id:000000,sig:11,src:000000,op:flip1,pos:1
---
 src/p_mach.cpp | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/src/p_mach.cpp b/src/p_mach.cpp
index 18542310..f8ab8458 100644
--- a/src/p_mach.cpp
+++ b/src/p_mach.cpp
@@ -1250,12 +1250,20 @@ void PackMachBase::pack1(OutputFile *const fo, Filter &/*ft*/) // generate e
 return;
 }
+#define WANT_MACH_HEADER_ENUM 1
+#include "p_mach_enum.h"
+
 template void PackMachBase::unpack(OutputFile *fo)
 {
 unsigned const lc_seg = lc_segment[sizeof(Addr)>>3];
 fi->seek(0, SEEK_SET);
 fi->readx(&mhdri, sizeof(mhdri));
+ if (!fo // -t (test) mode
+ && (MH_MAGIC + (sizeof(Addr)>>3)) != mhdri.magic
+ && Mach_fat_header::FAT_MAGIC != mhdri.magic) {
+ throwCantUnpack("file header corrupted");
+ }
 rawmseg = (Mach_segment_command *)new char[(unsigned) mhdri.sizeofcmds];
 fi->readx(rawmseg, mhdri.sizeofcmds);
@@ -1657,12 +1665,12 @@ void PackMachFat::unpack(OutputFile *fo)
 bool PackMachFat::canPack()
 {
- struct Mach_fat_arch *arch = &fat_head.arch[0];
+ struct Mach_fat_arch const *const arch = &fat_head.arch[0];
 fi->readx(&fat_head, sizeof(fat_head));
 unsigned const nfat = check_fat_head();
 for (unsigned j=0; j < nfat; ++j) {
- fi->set_extent(fat_head.arch[j].offset, fat_head.arch[j].size);
+ fi->set_extent(arch[j].offset, arch[j].size);
 fi->seek(0, SEEK_SET);
 switch (arch[j].cputype) {
 default:
@@ -1707,7 +1715,7 @@ bool PackMachFat::canPack()
 int PackMachFat::canUnpack()
 {
- struct Mach_fat_arch *arch = &fat_head.arch[0];
+ struct Mach_fat_arch const *const arch = &fat_head.arch[0];
 fi->readx(&fat_head, sizeof(fat_head));
 unsigned const nfat = check_fat_head();
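Review bot: `mhdri.sizeofcmds` is still used unchecked as both the allocation size and the read length on the two lines right after the new magic test in `unpack()`, so a header with a valid magic and a bogus `sizeofcmds` passes the added guard unchanged. A bound against the input length before `new char[...]` would close that, e.g. `if (mhdri.sizeofcmds > INPUT_SIZE - sizeof(mhdri)) throwCantUnpack("file header corrupted");`, where INPUT_SIZE is a placeholder for however this class exposes the file size. The magic test is also gated on `!fo`, so it runs only in `-t` mode; if nothing else rejects a bad magic before a real unpack (not visible here), dropping the `!fo` term would cover both paths. The body of `unpack()` continues outside the hunk.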
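Review bot: `arch[j].offset` and `arch[j].size` in the rewritten `fi->set_extent(arch[j].offset, arch[j].size);` in `canPack()` come straight from the fat header just read from the file, and nothing in this hunk shows them being checked against the file length before they define the extent. If `check_fat_head()` already bounds them and `nfat` (its body is outside the patch), a short comment above the loop such as `// offset/size/nfat were range-checked by check_fat_head()` would record that; otherwise an explicit range check before `set_extent` is the missing piece. The same point applies to the identical change in `canUnpack()` in the hunks at -1707 and -1715. Both function bodies continue outside their hunks.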
@@ -1715,7 +1723,7 @@ int PackMachFat::canUnpack()
 return false;
 }
 for (unsigned j=0; j < nfat; ++j) {
- fi->set_extent(fat_head.arch[j].offset, fat_head.arch[j].size);
+ fi->set_extent(arch[j].offset, arch[j].size);
 fi->seek(0, SEEK_SET);
 switch (arch[j].cputype) {
 default: return false;