check potential overflow of compressBound() #3362
We also need to fix ZSTD_decompressBound() to not overflow in 32-bit mode.
Can you also add a test for ZSTD_compressBound() and ZSTD_COMPRESSBOUND() for too-large sources?
lib/zstd.h
* providing @dstCapacity >= ZSTD_compressBound(srcSize) guarantees success. | ||
* Note that it's still allowed to provide a smaller @dstCapacity value, | ||
* in which case, the caller must inspect the return value with ZSTD_isError(), |
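Review bot: "guarantees success" on the first line is stated unconditionally, but it only holds when ZSTD_compressBound(srcSize) itself produced a meaningful value. Since this PR is about that computation overflowing for too-large sources, the comment should say here that the guarantee does not apply when the bound could not be computed, and that callers should validate the bound before using it as @dstCapacity.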
I might weaken this statement a little bit. It reads like you don't need to check ZSTD_isError() if you provide dstCapacity >= ZSTD_compressBound(srcSize). Which definitely isn't true.
I'll do this one in a separate PR.
and rephrased the code documentation, as suggested by @terrelln
92b01e3 to 97f63ce
Added test
fixed #3323, reported by @nigeltao
Completed documentation around overflow risk
(Note : This scenario probably can't happen in a "valid" situation where srcSize is the real size of a really allocated and used buffer, but a bogus srcSize value could indeed trigger it).
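The overflow discussed in this thread, as an added example that is not code from this PR or from zstd: a worst-case bound computed in 32-bit arithmetic wraps for a bogus source size, and a checked variant rejects it instead. The formula, the function names and the "return 0 on overflow" convention are assumptions made for illustration; `uint32_t` stands in for a 32-bit `size_t` so the wrap reproduces on any host.

```c
#include <stdint.h>
#include <stdio.h>

/* Illustrative worst-case bound: src + src/256 + small-input margin.
 * Assumed formula for this example, not zstd's definition. */
#define MARGIN_LIMIT (128u << 10)

static uint32_t margin(uint32_t src)
{
    return src < MARGIN_LIMIT ? (MARGIN_LIMIT - src) >> 11 : 0;
}

/* Unchecked: unsigned 32-bit arithmetic wraps silently for a huge src,
 * so the "bound" can come out smaller than src itself. */
uint32_t bound_unchecked(uint32_t src)
{
    return src + (src >> 8) + margin(src);
}

/* Checked: returns 0 when the sum does not fit in 32 bits.
 * 0 is never a valid bound here, because the bound of 0 bytes is 64. */
uint32_t bound_checked(uint32_t src)
{
    uint32_t extra = (src >> 8) + margin(src);
    if (src > UINT32_MAX - extra)
        return 0;
    return src + extra;
}

int main(void)
{
    uint32_t bogus = 0xFFFFFF00u; /* constructed, bogus srcSize */
    printf("srcSize   : %u\n", (unsigned)bogus);
    printf("unchecked : %u\n", (unsigned)bound_unchecked(bogus));
    printf("checked   : %u\n", (unsigned)bound_checked(bogus));
    return 0;
}
```

A caller that sizes a destination buffer from the unchecked result would allocate about 16 MB for a claimed source of nearly 4 GB; the checked variant gives the caller a value it can test before allocating.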