summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/lz4.h8
-rw-r--r--lib/lz4hc.c1
2 files changed, 6 insertions, 3 deletions
diff --git a/lib/lz4.h b/lib/lz4.h
index 962f5e6..737a0c7 100644
--- a/lib/lz4.h
+++ b/lib/lz4.h
@@ -638,9 +638,11 @@ LZ4_DEPRECATED("use LZ4_decompress_fast_usingDict() instead") LZ4LIB_API int LZ4
* On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
* As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
*
- * Only LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size.
- * Even that functionality could be achieved in a more secure manner if need be,
- * though it would require new prototypes, and adaptation of the implementation to this new use case.
+ * The last remaining LZ4_decompress_fast() specificity is that
+ * it can decompress a block without knowing its compressed size.
+ * Such functionality could be achieved in a more secure manner,
+ * by also providing the maximum size of input buffer,
+ * but it would require new prototypes, and adaptation of the implementation to this new use case.
*
* Parameters:
* originalSize : is the uncompressed size to regenerate.
diff --git a/lib/lz4hc.c b/lib/lz4hc.c
index d5f6743..031df8f 100644
--- a/lib/lz4hc.c
+++ b/lib/lz4hc.c
@@ -1396,6 +1396,7 @@ static int LZ4HC_compress_optimal ( LZ4HC_CCtx_internal* ctx,
} }
} /* for (cur = 1; cur <= last_match_pos; cur++) */
+ assert(last_match_pos < LZ4_OPT_NUM + TRAILING_LITERALS);
best_mlen = opt[last_match_pos].mlen;
best_off = opt[last_match_pos].off;
cur = last_match_pos - best_mlen;