projects / platform / upstream / lz4.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f895b9a)
Fully Bounds Check Hash Table Reads
authorW. Felix Handte <w@felixhandte.com>
Wed, 21 Mar 2018 15:21:07 +0000 (11:21 -0400)
committerW. Felix Handte <w@felixhandte.com>
Fri, 20 Apr 2018 00:54:35 +0000 (20:54 -0400)
lib/lz4hc.c patch | blob | history

diff --git a/lib/lz4hc.c b/lib/lz4hc.c
index 12d26c3..6890613 100644 (file)
--- a/lib/lz4hc.c
+++ b/lib/lz4hc.c
@@ -222,7 +222,7 @@ LZ4HC_InsertAndGetWiderMatch (
     DEBUGLOG(7, "First match at index %u / %u (lowLimit)",
                 matchIndex, lowLimit);
 
-    while ((matchIndex>=lowLimit) && (nbAttempts)) {
+    while ((matchIndex>=lowLimit) && (matchIndex < (ip - base)) && (nbAttempts)) {
         DEBUGLOG(7, "remaining attempts : %i", nbAttempts);
         nbAttempts--;
         if (matchIndex >= dictLimit) {
@@ -286,7 +286,7 @@ LZ4HC_InsertAndGetWiderMatch (
                             matchIndex -= (U32)backLength;   /* let's go to farthest segment position, will find a match of length currentSegmentLength + maybe some back */
                         }
         }   }   }   }
-    }  /* while ((matchIndex>=lowLimit) && (nbAttempts)) */
+    }  /* while ((matchIndex>=lowLimit) && (matchIndex < (ip - base)) && (nbAttempts)) */
 
     return longest;
 }
Domain: System / System Framework;