author Nick Terrell <terrelln@fb.com> 2019-08-09 17:32:26 (GMT)
committer Nick Terrell <terrelln@fb.com> 2019-08-09 17:36:46 (GMT)
commit d7cad81093cd805110291f84d64d385557d0ffba
tree 9af7fb7a0b32809791cad70c12eda3dc9ccb48c7
parent 1bcde6414a68094601ecd57a968808fdd43fb986
[LZ4_compress_destSize] Fix off-by-one error
PR#756 fixed the data corruption bug, but didn't clear `ip`. PR#760 fixed that off-by-one error, but missed the case where `ip == filledIp`, which is harder for the fuzzers to find (it took 20 days not 1 day). Verified this fixed the issue reported by OSS-Fuzz. Credit to OSS-Fuzz.
-rw-r--r-- lib/lz4.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/lz4.c b/lib/lz4.c
index 877d14e..9808d70 100644
--- a/lib/lz4.c
+++ b/lib/lz4.c
@@ -1040,7 +1040,7 @@ _next_match:
ip -= matchCode - newMatchCode;
assert(newMatchCode < matchCode);
matchCode = newMatchCode;
- if (unlikely(ip < filledIp)) {
+ if (unlikely(ip <= filledIp)) {
/* We have already filled up to filledIp so if ip ends up less than filledIp
* we have positions in the hash table beyond the current position. This is
* a problem if we reuse the hash table. So we have to remove these positions
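Review bot: the comment directly below the changed condition still reads "if ip ends up less than filledIp", which no longer matches the new check `ip <= filledIp`. It should say "less than or equal to" and state briefly why the equal case also requires removing positions from the hash table. The commit message notes that the `ip == filledIp` case took the fuzzers 20 days to reach, so a deterministic regression test that pins this boundary would be worth adding alongside the fix rather than relying on fuzzing to catch a future regression.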