From f971b66c477b128f617f14dd75ec3b85dfce28c8 Mon Sep 17 00:00:00 2001
From: Turo Lamminen <turotl@gmail.com>
Date: Wed, 28 Jan 2015 14:29:14 +0200
Subject: [PATCH] Fix out-of-bounds read in invalid compressed X file

---
 code/XFileParser.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/code/XFileParser.cpp b/code/XFileParser.cpp
index 36e70bc1c..a62aef414 100644
--- a/code/XFileParser.cpp
+++ b/code/XFileParser.cpp
@@ -214,6 +214,10 @@ XFileParser::XFileParser( const std::vector<char>& pBuffer)
 			AI_SWAP2(ofs); 
 			P += 4;
 
+			if (P + ofs > End + 2) {
+				throw DeadlyImportError("X: Unexpected EOF in compressed chunk");
+			}
+
 			// push data to the stream
 			stream.next_in   = (Bytef*)P;
 			stream.avail_in  = ofs;