From 7ad77ff540629ae072636bc565db79ba1f4e9cff Mon Sep 17 00:00:00 2001
From: John Reiser
Date: Sat, 9 May 2015 06:56:32 -0700
Subject: [PATCH] Check blocksize. CERT-FI 829767 id:000005,sig:06,src:000000,op:havoc,rep:16
---
 src/p_mach.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/p_mach.cpp b/src/p_mach.cpp
index a143c801..b595d537 100644
--- a/src/p_mach.cpp
+++ b/src/p_mach.cpp
@@ -1285,7 +1285,8 @@ void PackMachBase::unpack(OutputFile *fo)
 fi->readx(&hbuf, sizeof(hbuf));
 unsigned orig_file_size = get_te32(&hbuf.p_filesize);
 blocksize = get_te32(&hbuf.p_blocksize);
- if (file_size > (off_t)orig_file_size || blocksize > orig_file_size)
+ if (file_size > (off_t)orig_file_size || blocksize > orig_file_size
+ || blocksize > 0x01000000)
 throwCantUnpack("file header corrupted");
 ibuf.alloc(blocksize + OVERHEAD);
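Review bot: The new bound `blocksize > 0x01000000` is a bare literal, and nothing at the check says why 16 MiB is the limit or that it exists to cap `ibuf.alloc(blocksize + OVERHEAD)`, whose size comes straight from the header read by `fi->readx`. A named constant plus a comment such as `// p_blocksize is read from the packed file; cap it before it sizes ibuf` would make the intent clear and keep the limit in one place if other unpackers need the same guard. The condition still has no lower bound, so a header with `blocksize == 0` passes and the buffer is sized to `OVERHEAD` only. Whether the block loop later in `unpack` tolerates that is not visible here, as the function body continues outside the hunk, but it is worth confirming or rejecting zero in the same test.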