6 files changed, 36 insertions, 6 deletions

diff --git a/Changes b/Changes
index b69d2b0..bf417da 100644
--- a/Changes
+++ b/Changes
@@ -6,6 +6,8 @@
           data validity.
         - help applications that do not pass in the correct length
           (such as php) by returning either EINVAL or E2BIG.
+        - default HLOG size is now 15 (cpu caches have increased).
+        - documentation fixes.
 
 1.51 Thu Apr 14 22:15:46 CEST 2005
 	- incorporated C♯ implementation of both the en- and decoder,
diff --git a/Makefile.in b/Makefile.in
index 21bc031..050b56d 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-VERSION = 1.51
+VERSION = 1.6
 
 prefix = @prefix@
 exec_prefix = @exec_prefix@
diff --git a/cs/CLZF.cs b/cs/CLZF.cs
index 81b93bf..4e1b5d5 100644
--- a/cs/CLZF.cs
+++ b/cs/CLZF.cs
@@ -328,7 +328,7 @@ namespace LZF.NET
 					while ((--len)!=0);
 					}
 				}
-			while (oidx < out_len && iidx < in_len);
+			while (iidx < in_len);
 
 			return (int)oidx;
 		}
diff --git a/lzf.c b/lzf.c
index a7a6a82..b608cc0 100644
--- a/lzf.c
+++ b/lzf.c
@@ -40,6 +40,7 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+#include <string.h>
 #include <assert.h>
 
 #include <unistd.h>
@@ -203,6 +204,9 @@ main (int argc, char *argv[])
   unsigned int blocksize = 64*1024-1;
   enum { m_compress, m_decompress } mode = m_compress;
 
+  if (!strcmp (argv[0] + strlen (argv[0] - 5), "unlzf"))
+    mode = m_decompress;
+
   while ((c = getopt (argc, argv, "cdb:h")) != -1)
     switch (c)
       {
diff --git a/lzfP.h b/lzfP.h
index 84c6028..4d5a21e 100644
--- a/lzfP.h
+++ b/lzfP.h
@@ -128,7 +128,7 @@
  * (<1% slowdown), but might slow down older cpus considerably.
  */
 #ifndef CHECK_INPUT
-# define CHECK_INPUT 0
+# define CHECK_INPUT 1
 #endif
 
 /*****************************************************************************/
diff --git a/lzf_d.c b/lzf_d.c
index d0229d7..73a1a80 100644
--- a/lzf_d.c
+++ b/lzf_d.c
@@ -68,6 +68,14 @@ lzf_decompress (const void *const in_data,  unsigned int in_len,
               return 0;
             }
 
+#if CHECK_INPUT
+          if (ip + ctrl > in_end)
+            {
+              SET_ERRNO (EINVAL);
+              return 0;
+            }
+#endif
+
 #if USE_MEMCPY
           memcpy (op, ip, ctrl);
           op += ctrl;
@@ -84,9 +92,25 @@ lzf_decompress (const void *const in_data,  unsigned int in_len,
 
           u8 *ref = op - ((ctrl & 0x1f) << 8) - 1;
 
+#if CHECK_INPUT
+          if (ip >= in_end)
+            {
+              SET_ERRNO (EINVAL);
+              return 0;
+            }
+#endif
           if (len == 7)
-            len += *ip++;
-          
+            {
+              len += *ip++;
+#if CHECK_INPUT
+              if (ip >= in_end)
+                {
+                  SET_ERRNO (EINVAL);
+                  return 0;
+                }
+#endif
+            }
+
           ref -= *ip++;
 
           if (op + len + 2 > out_end)
@@ -109,7 +133,7 @@ lzf_decompress (const void *const in_data,  unsigned int in_len,
           while (--len);
         }
     }
-  while (op < out_end && ip < in_end);
+  while (ip < in_end);
 
   return op - (u8 *)out_data;
 }