facebook
/
zstd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1322 from azat-archive/seekable-fixes-pull 

Fixes read write past end of input buffer.
dev
Nick Terrell 2018-09-17 11:04:51 -07:00 committed by GitHub
parent a2aedf458d d707692e05
commit 8f27e8cf3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
contrib/seekable_format/examples/seekable_decompression.c
View File

@ -84,7 +84,7 @@ static void fseek_orDie(FILE* file, long int offset, int origin) {
} }
static void decompressFile_orDie(const char* fname, unsigned startOffset, unsigned endOffset) static void decompressFile_orDie(const char* fname, off_t startOffset, off_t endOffset)
{ {
FILE* const fin = fopen_orDie(fname, "rb"); FILE* const fin = fopen_orDie(fname, "rb");
FILE* const fout = stdout; FILE* const fout = stdout;
@ -129,8 +129,8 @@ int main(int argc, const char** argv)
{ {
const char* const inFilename = argv[1]; const char* const inFilename = argv[1];
unsigned const startOffset = (unsigned) atoi(argv[2]); off_t const startOffset = atoll(argv[2]);
unsigned const endOffset = (unsigned) atoi(argv[3]); off_t const endOffset = atoll(argv[3]);
decompressFile_orDie(inFilename, startOffset, endOffset); decompressFile_orDie(inFilename, startOffset, endOffset);
} }

2
contrib/seekable_format/zstdseek_decompress.c
View File

@ -313,8 +313,8 @@ static size_t ZSTD_seekable_loadSeekTable(ZSTD_seekable* zs)
/* compute cumulative positions */ /* compute cumulative positions */
for (; idx < numFrames; idx++) { for (; idx < numFrames; idx++) {
if (pos + sizePerEntry > SEEKABLE_BUFF_SIZE) { if (pos + sizePerEntry > SEEKABLE_BUFF_SIZE) {
U32 const toRead = MIN(remaining, SEEKABLE_BUFF_SIZE);
U32 const offset = SEEKABLE_BUFF_SIZE - pos; U32 const offset = SEEKABLE_BUFF_SIZE - pos;
U32 const toRead = MIN(remaining, SEEKABLE_BUFF_SIZE - offset);
memmove(zs->inBuff, zs->inBuff + pos, offset); /* move any data we haven't read yet */ memmove(zs->inBuff, zs->inBuff + pos, offset); /* move any data we haven't read yet */
CHECK_IO(src.read(src.opaque, zs->inBuff+offset, toRead)); CHECK_IO(src.read(src.opaque, zs->inBuff+offset, toRead));
remaining -= toRead; remaining -= toRead;