Backport fix from commit 125d817

author Nick Terrell <terrelln@fb.com>

Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)

committer Nick Terrell <terrelln@fb.com>

Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)
author Nick Terrell <terrelln@fb.com>
Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)
committer Nick Terrell <terrelln@fb.com>
Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)
diff --git a/lib/legacy/zstd_v05.c b/lib/legacy/zstd_v05.c

index a8045aea007629ac91a40d833079b127bd734944..06dba06678612d48a9f392ff05bf499f884afddc 100644 (file)
--- a/lib/legacy/zstd_v05.c
+++ b/lib/legacy/zstd_v05.c
@@ -2944,6 +2944,7 @@ size_t ZSTDv05_decodeLiteralsBlock(ZSTDv05_DCtx* dctx,
          {
              size_t litSize, litCSize, singleStream=0;
              U32 lhSize = ((istart[0]) >> 4) & 3;
+            if (srcSize < 5) return ERROR(corruption_detected);   /* srcSize >= MIN_CBLOCK_SIZE == 3; here we need up to 5 for case 3 */
              switch(lhSize)
              {
              case 0: case 1: default:   /* note : default is impossible, since lhSize into [0..3] */
author	Nick Terrell <terrelln@fb.com>
	Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)
committer	Nick Terrell <terrelln@fb.com>
	Tue, 18 Oct 2016 21:52:34 +0000 (14:52 -0700)