From: Nick Terrell <terrelln@fb.com>
Date: Tue, 18 Oct 2016 21:22:49 +0000 (-0700)
Subject: Backport fix from commit 9e8b09a
X-Git-Tag: v1.1.1~21^2~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f45b157d956e083c16a5c2b1f5793476a1df9081;p=thirdparty%2Fzstd.git

Backport fix from commit 9e8b09a

Fixes uninitialized memory reads.
Full commit hash: 9e8b09a7bd42dd06ee62b33aff215fbb52708d7b
---

diff --git a/lib/legacy/zstd_v05.c b/lib/legacy/zstd_v05.c
index 7446b8457..a8045aea0 100644
--- a/lib/legacy/zstd_v05.c
+++ b/lib/legacy/zstd_v05.c
@@ -2967,6 +2967,7 @@ size_t ZSTDv05_decodeLiteralsBlock(ZSTDv05_DCtx* dctx,
                 break;
             }
             if (litSize > BLOCKSIZE) return ERROR(corruption_detected);
+            if (litCSize + lhSize > srcSize) return ERROR(corruption_detected);
 
             if (HUFv05_isError(singleStream ?
                             HUFv05_decompress1X2(dctx->litBuffer, litSize, istart+lhSize, litCSize) :