diff options
author | Yann Collet <cyan@fb.com> | 2018-10-09 21:37:51 (GMT) |
---|---|---|
committer | Yann Collet <cyan@fb.com> | 2018-10-09 21:37:51 (GMT) |
commit | 6902fa48925ed22cd37bb4262205437feb8d2420 (patch) | |
tree | b0fbe807adaa8227f2231df4c15dfe9e1709c4ac /lib | |
parent | e07a37d712c87b6d47d043b018e4ff86d31996b3 (diff) | |
download | lz4-6902fa48925ed22cd37bb4262205437feb8d2420.zip lz4-6902fa48925ed22cd37bb4262205437feb8d2420.tar.gz lz4-6902fa48925ed22cd37bb4262205437feb8d2420.tar.bz2 |
fixed #589
following recommendations by @raggi.
The fix is slightly different, but achieves the same goal,
and is backed by a test tool which proves that it works
(generates the error before the patch, no longer after the patch).
Diffstat (limited to 'lib')
-rw-r--r-- | lib/lz4frame.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/lz4frame.c b/lib/lz4frame.c index e688f72..357f962 100644 --- a/lib/lz4frame.c +++ b/lib/lz4frame.c @@ -951,14 +951,18 @@ size_t LZ4F_compressEnd(LZ4F_cctx* cctxPtr, size_t const flushSize = LZ4F_flush(cctxPtr, dstBuffer, dstCapacity, compressOptionsPtr); if (LZ4F_isError(flushSize)) return flushSize; - assert(flushSize <= dstCapacity); dstPtr += flushSize; + assert(flushSize <= dstCapacity); + dstCapacity -= flushSize; + + if (dstCapacity < 4) return err0r(LZ4F_ERROR_dstMaxSize_tooSmall); LZ4F_writeLE32(dstPtr, 0); dstPtr += 4; /* endMark */ if (cctxPtr->prefs.frameInfo.contentChecksumFlag == LZ4F_contentChecksumEnabled) { U32 const xxh = XXH32_digest(&(cctxPtr->xxh)); + if (dstCapacity < 8) return err0r(LZ4F_ERROR_dstMaxSize_tooSmall); LZ4F_writeLE32(dstPtr, xxh); dstPtr+=4; /* content Checksum */ } |