From f3728d99b9440078da55769ce96ece96a8f2efc6 Mon Sep 17 00:00:00 2001
From: John Reiser
Date: Wed, 10 Jan 2024 16:04:08 -0800
Subject: [PATCH] Check ph.method in PackMachBase::unpack
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65553
https://github.com/upx/upx/issues/766
modified: p_mach.cpp
---
 src/p_mach.cpp | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/p_mach.cpp b/src/p_mach.cpp
index 8c35ad28..c6fc1779 100644
--- a/src/p_mach.cpp
+++ b/src/p_mach.cpp
@@ -1512,6 +1512,9 @@ void PackMachBase::unpack(OutputFile *fo)
 if ((unsigned)file_size < ph.c_len || ph.c_len == 0 || ph.u_len == 0)
 throwCantUnpack("file header corrupted");
 ph.method = bhdr.b_method;
+ if (ph.method < M_NRV2B_LE32
+ || ph.method > M_BZIP2)
+ throwCantUnpack("file header bad method");
 ph.filter = bhdr.b_ftid;
 ph.filter_cto = bhdr.b_cto8;
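Review bot: The new guard after `ph.method = bhdr.b_method;` is a range test, so it only holds if every value from `M_NRV2B_LE32` through `M_BZIP2` is a method this build can actually decompress; the enum is not visible in the hunk, so any gap or compiled-out method inside that range would still pass. If the constants are not contiguous, an explicit allow-list of supported methods would be tighter than the two bounds. The neighbouring `ph.filter` and `ph.filter_cto` are copied from the same `bhdr` with no check in the visible lines, and may deserve the same treatment if they are not validated further down. A short comment would record the intent, e.g. `// b_method is read from the file header: reject unknown methods before use`. The body of `PackMachBase::unpack` starts and ends outside this hunk.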