From 22574d848df09616d07fe26b363700525cb9cce9 Mon Sep 17 00:00:00 2001 From: Yann Collet Date: Tue, 6 Feb 2024 12:15:54 -0800 Subject: [PATCH] fix issue 5921623844651008 ossfuzz managed to create a scenario which triggers an `assert`. This fixes it, by giving +1 more space for the backward search pass. --- lib/compress/zstd_compress_internal.h | 2 +- lib/compress/zstd_opt.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/compress/zstd_compress_internal.h b/lib/compress/zstd_compress_internal.h index 087ea49dc..e41d7b78e 100644 --- a/lib/compress/zstd_compress_internal.h +++ b/lib/compress/zstd_compress_internal.h @@ -168,7 +168,7 @@ typedef struct { typedef enum { zop_dynamic=0, zop_predef } ZSTD_OptPrice_e; -#define ZSTD_OPT_SIZE (ZSTD_OPT_NUM+2) +#define ZSTD_OPT_SIZE (ZSTD_OPT_NUM+3) typedef struct { /* All tables are allocated inside cctx->workspace by ZSTD_resetCCtx_internal() */ unsigned* litFreq; /* table of literals statistics, of size 256 */ diff --git a/lib/compress/zstd_opt.c b/lib/compress/zstd_opt.c index 8e1be1cec..0449204dd 100644 --- a/lib/compress/zstd_opt.c +++ b/lib/compress/zstd_opt.c @@ -1196,7 +1196,7 @@ ZSTD_compressBlock_opt_generic(ZSTD_matchState_t* ms, /* check further positions */ for (cur = 1; cur <= last_pos; cur++) { const BYTE* const inr = ip + cur; - assert(cur < ZSTD_OPT_NUM); + assert(cur <= ZSTD_OPT_NUM); DEBUGLOG(7, "cPos:%zi==rPos:%u", inr-istart, cur); /* Fix current position with one literal if cheaper */ -- 2.47.2