diff options
author | yann.collet.73@gmail.com <yann.collet.73@gmail.com@650e7d94-2a16-8b24-b05c-7c0b3f6821cd> | 2011-09-03 12:43:13 (GMT) |
---|---|---|
committer | yann.collet.73@gmail.com <yann.collet.73@gmail.com@650e7d94-2a16-8b24-b05c-7c0b3f6821cd> | 2011-09-03 12:43:13 (GMT) |
commit | 558c03a1af26cc188f5d998f7d7ae2d87dd0daa1 (patch) | |
tree | a86aaac2efe784a15b6db666023df5ce15b4a794 | |
parent | 3a6d9640fb92ebade0ee6147a277ab26e6e040b4 (diff) | |
download | lz4-558c03a1af26cc188f5d998f7d7ae2d87dd0daa1.zip lz4-558c03a1af26cc188f5d998f7d7ae2d87dd0daa1.tar.gz lz4-558c03a1af26cc188f5d998f7d7ae2d87dd0daa1.tar.bz2 |
Corrected a (rare) bug in compression function
git-svn-id: https://lz4.googlecode.com/svn/trunk@14 650e7d94-2a16-8b24-b05c-7c0b3f6821cd
-rw-r--r-- | Makefile | 2 | ||||
-rw-r--r-- | lz4.c | 11 |
2 files changed, 10 insertions, 3 deletions
@@ -1,4 +1,4 @@ -all: lz4.32 lz4.64 +all: lz4.64 lz4.32 lz4.64: lz4.c lz4.h main.c gcc -g -O3 -I. -Wall -W lz4.c main.c -o lz4.64.exe @@ -48,7 +48,7 @@ //**************************************
// Basic Types
//**************************************
-#if defined(_MSC_VER) || defined(_WIN32) || defined(__WIN32__)
+#if defined(_MSC_VER)
#define BYTE unsigned __int8
#define U16 unsigned __int16
#define U32 unsigned __int32
@@ -161,7 +161,7 @@ int LZ4_compressCtx(void** ctx, step=1;
// Catch up
- while ((ip>anchor) && (ip[-1]==ref[-1])) { ip--; ref--; }
+ while ((ip>anchor) && (ref>(BYTE*)source) && (ip[-1]==ref[-1])) { ip--; ref--; }
// Encode Literal length
length = ip - anchor;
@@ -221,6 +221,13 @@ _endCount: //****************************
// Decompression CODE
//****************************
+
+// Note : The decoding functions LZ4_uncompress() and LZ4_uncompress_unknownOutputSize()
+// are safe against "buffer overflow" attack type
+// since they will *never* write outside of the provided output buffer :
+// they both check this condition *before* writing anything.
+// A corrupted packet however can make them *read* within the first 64K before the output buffer.
+
int LZ4_uncompress(char* source,
char* dest,
int osize)
|