From: Yann Collet Date: Thu, 7 Sep 2017 19:48:24 +0000 (-0700) Subject: fix #397 : decompression failed when using a combination of extDict + low memory... X-Git-Tag: upstream/1.9.3~11^2~44 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b500c5282e61027b797d3fd39e7d4ab1ab084adf;p=platform%2Fupstream%2Flz4.git fix #397 : decompression failed when using a combination of extDict + low memory address Reported and fixed by @jscheid Note : we are missing a test case to include it in the CI --- diff --git a/NEWS b/NEWS index 57338f7..ff20e7e 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,5 @@ v1.8.1 +fix : decompression failed when using a combination of extDict + low memory address (#397), reported and fixed by Julian Scheid (@jscheid) install: fix : correct man page directory (#387), reported by Stuart Cardall (@itoffshore) build : `make` and `make test` compatible with `-jX`, reported by @mwgamera diff --git a/lib/lz4.c b/lib/lz4.c index f361b22..0960c97 100644 --- a/lib/lz4.c +++ b/lib/lz4.c @@ -1127,7 +1127,6 @@ LZ4_FORCE_INLINE int LZ4_decompress_generic( BYTE* const oend = op + outputSize; BYTE* cpy; BYTE* oexit = op + targetOutputSize; - const BYTE* const lowLimit = lowPrefix - dictSize; const BYTE* const dictEnd = (const BYTE*)dictStart + dictSize; const unsigned dec32table[] = {0, 1, 2, 1, 4, 4, 4, 4}; @@ -1183,7 +1182,7 @@ LZ4_FORCE_INLINE int LZ4_decompress_generic( /* get offset */ offset = LZ4_readLE16(ip); ip+=2; match = op - offset; - if ((checkOffset) && (unlikely(match < lowLimit))) goto _output_error; /* Error : offset outside buffers */ + if ((checkOffset) && (unlikely(match + dictSize < lowPrefix))) goto _output_error; /* Error : offset outside buffers */ LZ4_write32(op, (U32)offset); /* costs ~1%; silence an msan warning when offset==0 */ /* get matchlength */