liblzma: Always validate the first digit of a preset string

lzma_str_to_filters() may call parse_lzma12_preset() in two ways. The
call from str_to_filters() detects the string type from the first
character(s) and as a side-effect it validates the first digit of
the preset string. So this change makes no difference there.

However, the call from parse_options() doesn't pre-validate the string.
parse_lzma12_preset() will return an invalid value which is passed to
lzma_lzma_preset() which safely rejects it. The bug still affects the
the error message:

    $ xz --filters=lzma2:preset=X
    xz: Error in --filters=FILTERS option:
    xz: lzma2:preset=X
    xz:               ^
    xz: Unsupported preset

After the fix:

    $ xz --filters=lzma2:preset=X
    xz: Error in --filters=FILTERS option:
    xz: lzma2:preset=X
    xz:              ^
    xz: Unsupported preset

The ^ now correctly points to the X and not past it because the X itself
is the problematic character.

Fixes: cedeeca2ea6ada5b0411b2ae10d7a859e837f203

diff --git a/src/liblzma/common/string_conversion.c b/src/liblzma/common/string_conversion.c
index c899783c642a51bd41d432efe3eca69d2290fcce..3a08486a1f62a9d11352f9310bc3a24fdeb4e6a2 100644 (file)
--- a/src/liblzma/common/string_conversion.c
+++ b/src/liblzma/common/string_conversion.c
@@ -317,6 +317,10 @@ parse_lzma12_preset(const char **const str, const char *str_end,
                uint32_t *preset)
 {
        assert(*str < str_end);
+
+       if (!(**str >= '0' && **str <= '9'))
+               return "Unsupported preset";
+
        *preset = (uint32_t)(**str - '0');
 
        // NOTE: Remember to update LZMA12_PRESET_STR if this is modified!