git.ipfire.org Git - thirdparty/zstd.git/commit
[legacy] Fix buffer overflow in v0.2 and v0.4 raw literals decompression 1737/head
author Nick Terrell <terrelln@fb.com>
Wed, 21 Aug 2019 00:13:04 +0000 (17:13 -0700)
committer Nick Terrell <terrelln@fb.com>
Wed, 21 Aug 2019 00:13:04 +0000 (17:13 -0700)
commit 07f22d465d0f85aa00f20fc2f0b59a50ddfe494f
tree a31d0c933102b935298c0f593733803e06ca713e
parent c9072ee674c9a928281286022f4d9393b0d113ec
[legacy] Fix buffer overflow in v0.2 and v0.4 raw literals decompression

Extends the fix in PR#1722 to v0.2 and v0.4. These aren't built into
zstd by default, and v0.5 onward are not affected.

I only add the `srcSize > BLOCKSIZE` check to v0.4 because the comments
say that it must hold, but the equivalent comment isn't present in v0.2.

Credit to OSS-Fuzz.
lib/legacy/zstd_v02.c
lib/legacy/zstd_v04.c