address a few minor Visual warnings

and created target cxx17build

7 files changed, 35 insertions, 26 deletions

diff --git a/Makefile b/Makefile
index f3c6ce2..f3844a1 100644
--- a/Makefile
+++ b/Makefile
@@ -181,6 +181,14 @@ gpptest gpptest32: clean
 	CC=$(CC) $(MAKE) -C $(PRGDIR)  all CFLAGS="$(CFLAGS)"
 	CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
 
+cxx17build : CC = "$(CXX) -Wno-deprecated"
+cxx17build : CFLAGS = -std=c++17 -Wall -Wextra -Wundef -Wshadow -Wcast-align -Werror
+cxx17build : clean
+	$(CXX) -v
+	CC=$(CC) $(MAKE) -C $(LZ4DIR)  all CFLAGS="$(CFLAGS)"
+	CC=$(CC) $(MAKE) -C $(PRGDIR)  all CFLAGS="$(CFLAGS)"
+	CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
+
 ctocpptest: LIBCC="$(CC)"
 ctocpptest: TESTCC="$(CXX)"
 ctocpptest: CFLAGS=""
diff --git a/doc/lz4_manual.html b/doc/lz4_manual.html
index 356a60d..ee43b8a 100644
--- a/doc/lz4_manual.html
+++ b/doc/lz4_manual.html
@@ -454,21 +454,18 @@ union LZ4_streamDecode_u {
  
 </p></pre><BR>
 
-<pre><b>LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe() instead") LZ4LIB_API
-int LZ4_decompress_fast (const char* src, char* dst, int originalSize);
-LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_continue() instead") LZ4LIB_API
-int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* src, char* dst, int originalSize);
-LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_usingDict() instead") LZ4LIB_API
-int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize, const char* dictStart, int dictSize);
-</b><p>  These functions used to be a bit faster than LZ4_decompress_safe(),
-  but situation has changed in recent versions.
-  Now, `LZ4_decompress_safe()` is as fast and sometimes even faster than `LZ4_decompress_fast()`.
-  Moreover, LZ4_decompress_safe() is protected vs malformed input, while `LZ4_decompress_fast()` is not, making it a security liability.
+<pre><b></b><p>  These functions used to be faster than LZ4_decompress_safe(),
+  but it has changed, and they are now slower than LZ4_decompress_safe().
+  This is because LZ4_decompress_fast() doesn't know the input size,
+  and therefore must progress more cautiously in the input buffer to not read beyond the end of block.
+  On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
   As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
 
-  Last LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size.
-  Note that even that functionality could be achieved in a more secure manner if need be,
-  though it would require new prototypes, and adaptation of the implementation to this new use case.
+  The last remaining LZ4_decompress_fast() specificity is that
+  it can decompress a block without knowing its compressed size.
+  Such functionality could be achieved in a more secure manner,
+  by also providing the maximum size of input buffer,
+  but it would require new prototypes, and adaptation of the implementation to this new use case.
 
   Parameters:
   originalSize : is the uncompressed size to regenerate.
@@ -477,9 +474,9 @@ int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize,
            The function expects to finish at block's end exactly.
            If the source stream is detected malformed, the function stops decoding and returns a negative result.
   note : LZ4_decompress_fast*() requires originalSize. Thanks to this information, it never writes past the output buffer.
-         However, since it doesn't know its 'src' size, it may read an unknown amount of input, and overflow input buffer.
-         Also, since match offsets are not validated, match reads from 'src' may underflow.
-         These issues never happen if input data is correct.
+         However, since it doesn't know its 'src' size, it may read an unknown amount of input, past input buffer bounds.
+         Also, since match offsets are not validated, match reads from 'src' may underflow too.
+         These issues never happen if input (compressed) data is correct.
          But they may happen if input data is invalid (error or intentional tampering).
          As a consequence, use these functions in trusted environments with trusted data **only**.
  
diff --git a/lib/lz4.h b/lib/lz4.h
index 962f5e6..737a0c7 100644
--- a/lib/lz4.h
+++ b/lib/lz4.h
@@ -638,9 +638,11 @@ LZ4_DEPRECATED("use LZ4_decompress_fast_usingDict() instead") LZ4LIB_API int LZ4
  *  On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
  *  As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
  *
- *  Only LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size.
- *  Even that functionality could be achieved in a more secure manner if need be,
- *  though it would require new prototypes, and adaptation of the implementation to this new use case.
+ *  The last remaining LZ4_decompress_fast() specificity is that
+ *  it can decompress a block without knowing its compressed size.
+ *  Such functionality could be achieved in a more secure manner,
+ *  by also providing the maximum size of input buffer,
+ *  but it would require new prototypes, and adaptation of the implementation to this new use case.
  *
  *  Parameters:
  *  originalSize : is the uncompressed size to regenerate.
diff --git a/lib/lz4hc.c b/lib/lz4hc.c
index d5f6743..031df8f 100644
--- a/lib/lz4hc.c
+++ b/lib/lz4hc.c
@@ -1396,6 +1396,7 @@ static int LZ4HC_compress_optimal ( LZ4HC_CCtx_internal* ctx,
              }   }
          }  /* for (cur = 1; cur <= last_match_pos; cur++) */
 
+         assert(last_match_pos < LZ4_OPT_NUM + TRAILING_LITERALS);
          best_mlen = opt[last_match_pos].mlen;
          best_off = opt[last_match_pos].off;
          cur = last_match_pos - best_mlen;
diff --git a/tests/frametest.c b/tests/frametest.c
index 9f7cb8d..bf95beb 100644
--- a/tests/frametest.c
+++ b/tests/frametest.c
@@ -667,8 +667,8 @@ int basicTests(U32 seed, double compressibility)
       for (blockSizeID = 4; blockSizeID < 8; ++blockSizeID) {
         result = LZ4F_getBlockSize(blockSizeID);
         CHECK(result);
-        DISPLAYLEVEL(3, "Returned block size of %zu bytes for blockID %u \n",
-                         result, blockSizeID);
+        DISPLAYLEVEL(3, "Returned block size of %u bytes for blockID %u \n",
+                         (unsigned)result, blockSizeID);
       }
 
       /* Test an invalid input that's too large */
@@ -770,7 +770,8 @@ static void locateBuffDiff(const void* buff1, const void* buff2, size_t size, un
     const BYTE* b2=(const BYTE*)buff2;
     DISPLAY("locateBuffDiff: looking for error position \n");
     if (nonContiguous) {
-        DISPLAY("mode %u: non-contiguous output (%zu bytes), cannot search \n", nonContiguous, size);
+        DISPLAY("mode %u: non-contiguous output (%u bytes), cannot search \n",
+                nonContiguous, (unsigned)size);
         return;
     }
     while (p < size && b1[p]==b2[p]) p++;
diff --git a/tests/fullbench.c b/tests/fullbench.c
index 1a52aab..d2af662 100644
--- a/tests/fullbench.c
+++ b/tests/fullbench.c
@@ -162,13 +162,13 @@ static LZ4_stream_t LZ4_stream;
 static void local_LZ4_resetDictT(void)
 {
     void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
-    assert(r != NULL);
+    assert(r != NULL); (void)r;
 }
 
 static void local_LZ4_createStream(void)
 {
     void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
-    assert(r != NULL);
+    assert(r != NULL); (void)r;
 }
 
 static int local_LZ4_saveDict(const char* in, char* out, int inSize)
diff --git a/tests/fuzzer.c b/tests/fuzzer.c
index 78f90a1..9908a7b 100644
--- a/tests/fuzzer.c
+++ b/tests/fuzzer.c
@@ -490,6 +490,7 @@ static int FUZ_test(U32 seed, U32 nbCycles, const U32 startCycle, const double c
         /* Test decompress_fast() with input buffer size exactly correct => must not read out of bound */
         {   char* const cBuffer_exact = (char*)malloc((size_t)compressedSize);
             assert(cBuffer_exact != NULL);
+            assert(compressedSize <= compressedBufferSize);
             memcpy(cBuffer_exact, compressedBuffer, compressedSize);
 
             /* Test decoding with output size exactly correct => must work */
@@ -1302,9 +1303,8 @@ static void FUZ_unitTests(int compressionLevel)
             int iNext = 0;
             int dNext = 0;
             int compressedSize;
-            size_t const testVerifySize = testInputSize;
 
-            assert((size_t)dBufferSize * 2 + 1 < testVerifySize);   /* space used by ringBufferSafe and ringBufferFast */
+            assert((size_t)dBufferSize * 2 + 1 < testInputSize);   /* space used by ringBufferSafe and ringBufferFast */
             XXH64_reset(&xxhOrig, 0);
             XXH64_reset(&xxhNewSafe, 0);
             XXH64_reset(&xxhNewFast, 0);