diff options
author | Lasse Collin <lasse.collin@tukaani.org> | 2020-02-03 00:18:32 +0200 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2020-02-03 00:18:32 +0200 |
commit | cfc1499e9fc23d8caa6dfdf1cc3ccf60d6fcd947 (patch) | |
tree | dc3e070899450cfc8e6453e8b0e0c42c49cb5506 /linux/lib/xz/xz_stream.h | |
parent | 40d291b609d0cc6344f3e26ed34b4fd755e403da (diff) | |
download | xz-embedded-cfc1499e9fc23d8caa6dfdf1cc3ccf60d6fcd947.tar.gz |
Avoid overlapping memcpy() with invalid input with in-place decompression.
With valid files, the safety margin described in lib/decompress_unxz.c
ensures that these buffers cannot overlap. But if the uncompressed size
of the input is larger than the caller thought, which is possible when
the input file is invalid/corrupt, the buffers can overlap. Obviously
the result will then be garbage (and usually the decoder will return
an error too) but no other harm will happen when such an over-run occurs.
This change only affects uncompressed LZMA2 chunks and so this
should have no effect on performance.
Diffstat (limited to 'linux/lib/xz/xz_stream.h')
0 files changed, 0 insertions, 0 deletions