diff options
| author | Haibo Huang <hhb@google.com> | 2020-08-27 20:34:16 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-08-27 20:34:16 +0000 |
| commit | 30e4bb1e9f728a675b6b35573574120e525294f7 (patch) | |
| tree | e48641e27c3f942394d5aa49775198f7ace69690 | |
| parent | 694c333ead8dd2ec9147332e484c8e2c2958cf35 (diff) | |
| parent | 065f36f595b9f6c37918c7b3f8121916ccdef1e6 (diff) | |
| download | brotli-30e4bb1e9f728a675b6b35573574120e525294f7.tar.gz | |
Upgrade brotli to v1.0.9 am: 065f36f595
Original change: https://android-review.googlesource.com/c/platform/external/brotli/+/1413972
Change-Id: I3f6e1d58f13541d6f3edcf836e4b6885edd45e9b
| -rw-r--r-- | .gitattributes | 20 | ||||
| -rw-r--r-- | METADATA | 4 | ||||
| -rw-r--r-- | README.md | 6 | ||||
| -rw-r--r-- | c/common/version.h | 4 |
4 files changed, 25 insertions, 9 deletions
diff --git a/.gitattributes b/.gitattributes index c0ca54b..8915918 100644 --- a/.gitattributes +++ b/.gitattributes @@ -19,6 +19,8 @@ MANIFEST.in !export-ignore premake5.lua !export-ignore README !export-ignore README.md !export-ignore +setup.py !export-ignore +setup.cfg !export-ignore WORKSPACE !export-ignore # Add sources @@ -26,9 +28,22 @@ c !export-ignore c/** !export-ignore c/common/dictionary.bin* export-ignore c/fuzz export-ignore + +# Add man pages +docs !export-ignore +docs/** !export-ignore +docs/brotli-comparison-study-2015-09-22.pdf export-ignore + +# Add python bindings + tests +python !export-ignore +python/** !export-ignore + +# Add more build files. scripts !export-ignore scripts/sources.lst !export-ignore scripts/libbrotli*.pc.in !export-ignore + +# Add testdata tests !export-ignore tests/*.sh !export-ignore tests/*.cmake !export-ignore @@ -37,8 +52,3 @@ tests/testdata/empty !export-ignore tests/testdata/empty.compressed !export-ignore tests/testdata/ukkonooa !export-ignore tests/testdata/ukkonooa.compressed !export-ignore - -# Add man pages -docs !export-ignore -docs/** !export-ignore -docs/brotli-comparison-study-2015-09-22.pdf export-ignore
\ No newline at end of file @@ -9,11 +9,11 @@ third_party { type: GIT value: "https://github.com/google/brotli.git" } - version: "v1.0.8" + version: "v1.0.9" license_type: NOTICE last_upgrade_date { year: 2020 month: 8 - day: 26 + day: 27 } } @@ -1,5 +1,11 @@ <p align="center"><img src="https://brotli.org/brotli.svg" alt="Brotli" width="64"></p> +# SECURITY NOTE + +Please consider updating brotli to version 1.0.9 (latest). + +Version 1.0.9 contains a fix to "integer overflow" problem. This happens when "one-shot" decoding API is used (or input chunk for streaming API is not limited), input size (chunk size) is larger than 2GiB, and input contains uncompressed blocks. After the overflow happens, `memcpy` is invoked with a gigantic `num` value, that will likely cause the crash. + ### Introduction Brotli is a generic-purpose lossless compression algorithm that compresses data diff --git a/c/common/version.h b/c/common/version.h index 075d4d1..01b2998 100644 --- a/c/common/version.h +++ b/c/common/version.h @@ -14,13 +14,13 @@ BrotliEncoderVersion methods. */ /* Semantic version, calculated as (MAJOR << 24) | (MINOR << 12) | PATCH */ -#define BROTLI_VERSION 0x1000008 +#define BROTLI_VERSION 0x1000009 /* This macro is used by build system to produce Libtool-friendly soname. See https://www.gnu.org/software/libtool/manual/html_node/Libtool-versioning.html */ /* ABI version, calculated as (CURRENT << 24) | (REVISION << 12) | AGE */ -#define BROTLI_ABI_VERSION 0x1008000 +#define BROTLI_ABI_VERSION 0x1009000 #endif /* BROTLI_COMMON_VERSION_H_ */ |