summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYann Collet <yann.collet.73@gmail.com>2014-06-22 10:25:04 (GMT)
committerYann Collet <yann.collet.73@gmail.com>2014-06-22 10:25:04 (GMT)
commitda5373197e84ee49d75b8334d4510689731d6e90 (patch)
tree991ff0ab40b967176ba425db19619d00a70a85d7
parent8d66dd7cd52c69d4542eb910bd8743ef95fa9d8c (diff)
downloadlz4-da5373197e84ee49d75b8334d4510689731d6e90.zip
lz4-da5373197e84ee49d75b8334d4510689731d6e90.tar.gz
lz4-da5373197e84ee49d75b8334d4510689731d6e90.tar.bz2
Fixed : issue 52 (reported by Ludwig Strigeus)
-rw-r--r--lz4.c9
-rw-r--r--[-rwxr-xr-x]lz4.h11
-rw-r--r--programs/fullbench.c3
-rw-r--r--programs/fuzzer.c9
-rw-r--r--[-rwxr-xr-x]programs/lz4io.c3
5 files changed, 19 insertions, 16 deletions
diff --git a/lz4.c b/lz4.c
index 6385aec..a1475dc 100644
--- a/lz4.c
+++ b/lz4.c
@@ -915,12 +915,14 @@ FORCE_INLINE int LZ4_decompress_generic(
token = *ip++;
if ((length=(token>>ML_BITS)) == RUN_MASK)
{
- unsigned s=255;
- while (((endOnInput)?ip<iend:1) && (s==255))
+ unsigned s;
+ do
{
s = *ip++;
length += s;
}
+ while (likely((endOnInput)?ip<iend-RUN_MASK:1) && (s==255));
+ if ((sizeof(void*)==4) && unlikely(length>LZ4_MAX_INPUT_SIZE)) goto _output_error; /* overflow detection */
}
/* copy literals */
@@ -959,6 +961,7 @@ FORCE_INLINE int LZ4_decompress_generic(
s = *ip++;
length += s;
} while (s==255);
+ if ((sizeof(void*)==4) && unlikely(length>LZ4_MAX_INPUT_SIZE)) goto _output_error; /* overflow detection */
}
/* check external dictionary */
@@ -1175,7 +1178,7 @@ int LZ4_sizeofStreamState() { return LZ4_STREAMSIZE; }
void LZ4_init(LZ4_stream_t_internal* lz4ds, const BYTE* base)
{
- MEM_INIT(lz4ds->hashTable, 0, LZ4_STREAMSIZE);
+ MEM_INIT(lz4ds, 0, LZ4_STREAMSIZE);
lz4ds->bufferStart = base;
}
diff --git a/lz4.h b/lz4.h
index 1cf9eab..1064fa1 100755..100644
--- a/lz4.h
+++ b/lz4.h
@@ -235,7 +235,7 @@ typedef struct { unsigned int table[LZ4_STREAMDECODESIZE_U32]; } LZ4_streamDecod
* LZ4_free just frees it.
*/
void* LZ4_createStreamDecode();
-int LZ4_free (void* LZ4_stream); /* yes, it's the same one as compression */
+int LZ4_free (void* LZ4_stream); /* yes, it's the same one as for compression */
/*
*_continue() :
@@ -250,7 +250,8 @@ int LZ4_decompress_fast_continue (void* LZ4_streamDecode, const char* source, ch
/*
* LZ4_setDictDecode
* Use this function to instruct where to find the dictionary.
- * This function is not necessary if previous data is still available where it was already decoded.
+ * This function can be used to specify a static dictionary,
+ * or to instruct where to find some previously decoded data saved into a different memory space.
* Setting a size of 0 is allowed (same effect as no dictionary).
* Return : 1 if OK, 0 if error
*/
@@ -260,8 +261,10 @@ int LZ4_setDictDecode (void* LZ4_streamDecode, const char* dictionary, int dictS
/*
Advanced decoding functions :
*_usingDict() :
- These decoding functions work the same as "_continue" ones,
- the dictionary must be explicitly provided within parameters
+ These decoding functions work the same as
+ a combination of LZ4_setDictDecode() followed by LZ4_decompress_x_continue()
+ all together into a single function call.
+ It doesn't use nor update an LZ4_streamDecode_t structure.
*/
int LZ4_decompress_safe_usingDict (const char* source, char* dest, int compressedSize, int maxOutputSize, const char* dictStart, int dictSize);
int LZ4_decompress_fast_usingDict (const char* source, char* dest, int originalSize, const char* dictStart, int dictSize);
diff --git a/programs/fullbench.c b/programs/fullbench.c
index f8a85ef..0ed8488 100644
--- a/programs/fullbench.c
+++ b/programs/fullbench.c
@@ -371,8 +371,6 @@ int fullSpeedBench(char** fileNamesTable, int nbFiles)
"LZ4_decompress_safe", "LZ4_decompress_safe_withPrefix64k", "LZ4_decompress_safe_usingDict", "LZ4_decompress_safe_partial" };
double totalDTime[NB_DECOMPRESSION_ALGORITHMS+1] = {0};
- U64 totals = 0;
-
// Loop for each file
while (fileIdx<nbFiles)
@@ -609,7 +607,6 @@ int fullSpeedBench(char** fileNamesTable, int nbFiles)
totalDTime[dAlgNb] += bestTime;
}
- totals += benchedSize;
}
free(orig_buff);
diff --git a/programs/fuzzer.c b/programs/fuzzer.c
index dbf6c2f..82f6090 100644
--- a/programs/fuzzer.c
+++ b/programs/fuzzer.c
@@ -121,7 +121,7 @@ unsigned int FUZ_rand(unsigned int* src)
rand32 += PRIME2;
rand32 = FUZ_rotl32(rand32, 13);
*src = rand32;
- return rand32;
+ return rand32 >> 3;
}
@@ -170,7 +170,8 @@ int FUZ_SecurityTest()
char* input;
int i, r;
- printf("Overflow test (issue 52)...\n");
+ // Overflow test, by Ludwig Strigeus
+ printf("Overflow test (issue 52)...");
input = (char*) malloc (20<<20);
output = (char*) malloc (20<<20);
input[0] = 0x0F;
@@ -564,7 +565,6 @@ int FUZ_usage()
int main(int argc, char** argv) {
- char userInput[50] = {0};
U32 timestamp = FUZ_GetMilliStart();
U32 seed=0;
int seedset=0;
@@ -651,6 +651,7 @@ int main(int argc, char** argv) {
if (!seedset)
{
+ char userInput[50] = {0};
printf("Select an Initialisation number (default : random) : ");
fflush(stdout);
if ( no_prompt || fgets(userInput, sizeof userInput, stdin) )
@@ -662,7 +663,7 @@ int main(int argc, char** argv) {
printf("Seed = %u\n", seed);
if (proba!=FUZ_COMPRESSIBILITY_DEFAULT) printf("Compressibility : %i%%\n", proba);
- //FUZ_SecurityTest();
+ FUZ_SecurityTest();
if (nbTests<=0) nbTests=1;
diff --git a/programs/lz4io.c b/programs/lz4io.c
index b581c41..49caed3 100755..100644
--- a/programs/lz4io.c
+++ b/programs/lz4io.c
@@ -754,7 +754,6 @@ static unsigned long long decodeLZ4S(FILE* finput, FILE* foutput)
// init
memset(&ctx, 0, sizeof(ctx));
- (void)blockIndependenceFlag;
// Decode stream descriptor
nbReadBytes = fread(descriptor, 1, 3, finput);
@@ -838,7 +837,7 @@ static unsigned long long decodeLZ4S(FILE* finput, FILE* foutput)
if (sizeCheck != (size_t)blockSize) EXM_THROW(76, "Write error : cannot write data block");
filesize += blockSize;
if (streamChecksumFlag) XXH32_update(streamChecksumState, in_buff, blockSize);
- if (!independentBlocks)
+ if (!blockIndependenceFlag)
{
// handle dictionary for streaming
memcpy(in_buff + blockSize - 64 KB, out_buff, 64 KB);