From: Yann Collet Date: Sun, 21 Oct 2018 01:53:02 +0000 (-0700) Subject: fix decodecorpus incorrect frame generation X-Git-Tag: v1.3.8~70^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1380%2Fhead;p=thirdparty%2Fzstd.git fix decodecorpus incorrect frame generation fix #1379 decodecorpus was generating one extraneous byte when `nbSeq==0`. This is disallowed by the specification. The reference decoder was just skipping the extraneous byte. It is now stricter, and flag such situation as an error. --- diff --git a/lib/decompress/zstd_decompress.c b/lib/decompress/zstd_decompress.c index 711b5b6d7..4a4930f07 100644 --- a/lib/decompress/zstd_decompress.c +++ b/lib/decompress/zstd_decompress.c @@ -975,7 +975,7 @@ static const U32 ML_base[MaxML+1] = { 67, 83, 99, 0x83, 0x103, 0x203, 0x403, 0x803, 0x1003, 0x2003, 0x4003, 0x8003, 0x10003 }; -/* Hidden delcaration for fullbench */ +/* Function required by fullbench; Hidden declaration to respect -Wmissing-prototypes */ size_t ZSTD_decodeSeqHeaders(ZSTD_DCtx* dctx, int* nbSeqPtr, const void* src, size_t srcSize); @@ -993,7 +993,11 @@ size_t ZSTD_decodeSeqHeaders(ZSTD_DCtx* dctx, int* nbSeqPtr, /* SeqHead */ nbSeq = *ip++; - if (!nbSeq) { *nbSeqPtr=0; return 1; } + if (!nbSeq) { + *nbSeqPtr=0; + if (srcSize != 1) return ERROR(srcSize_wrong); + return 1; + } if (nbSeq > 0x7F) { if (nbSeq == 0xFF) { if (ip+2 > iend) return ERROR(srcSize_wrong); diff --git a/programs/windres/zstd32.res b/programs/windres/zstd32.res index 276cb20b7..2c2b9b01e 100644 Binary files a/programs/windres/zstd32.res and b/programs/windres/zstd32.res differ diff --git a/programs/windres/zstd64.res b/programs/windres/zstd64.res index 3eb0162f0..4a37157ea 100644 Binary files a/programs/windres/zstd64.res and b/programs/windres/zstd64.res differ diff --git a/tests/decodecorpus.c b/tests/decodecorpus.c index 2c2276004..4c5542e31 100644 --- a/tests/decodecorpus.c +++ b/tests/decodecorpus.c @@ -823,15 +823,14 @@ static size_t writeSequences(U32* seed, frame_t* frame, seqStore_t* seqStorePtr, else if (nbSeq < LONGNBSEQ) op[0] = (BYTE)((nbSeq>>8) + 0x80), op[1] = (BYTE)nbSeq, op+=2; else op[0]=0xFF, MEM_writeLE16(op+1, (U16)(nbSeq - LONGNBSEQ)), op+=3; - /* seqHead : flags for FSE encoding type */ - seqHead = op++; - if (nbSeq==0) { frame->data = op; - return 0; } + /* seqHead : flags for FSE encoding type */ + seqHead = op++; + /* convert length/distances into codes */ ZSTD_seqToCodes(seqStorePtr);