renegade-project/linux-next
2
0
Fork 0
mirror of https://github.com/edk2-porting/linux-next.git synced 2025-01-04 03:33:58 +08:00
Code
83d3c4f22a
linux-next/lib/xz
History
Lasse Collin 83d3c4f22a lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression 
With valid files, the safety margin described in lib/decompress_unxz.c
ensures that these buffers cannot overlap. But if the uncompressed size
of the input is larger than the caller thought, which is possible when
the input file is invalid/corrupt, the buffers can overlap. Obviously
the result will then be garbage (and usually the decoder will return
an error too) but no other harm will happen when such an over-run occurs.

This change only affects uncompressed LZMA2 chunks and so this
should have no effect on performance.

Link: https://lore.kernel.org/r/20211010213145.17462-2-xiang@kernel.org
Signed-off-by: Lasse Collin <lasse.collin@tukaani.org>
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
2021-10-19 23:44:30 +08:00
..
Kconfig docs: move remaining stuff under Documentation/*.txt to Documentation/staging 2020-06-19 14:17:05 -06:00
Makefile treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
xz_crc32.c lib/: replace HTTP links with HTTPS ones 2020-08-12 10:58:00 -07:00
xz_dec_bcj.c lib/decompressors: fix spelling mistakes 2021-07-01 11:06:05 -07:00
xz_dec_lzma2.c lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression 2021-10-19 23:44:30 +08:00
xz_dec_stream.c Revert "lib: Revert use of fallthrough pseudo-keyword in lib/" 2020-11-18 14:15:17 -06:00
xz_dec_syms.c
xz_dec_test.c
xz_lzma2.h lib/: replace HTTP links with HTTPS ones 2020-08-12 10:58:00 -07:00
xz_private.h lib/xz: Put CRC32_POLY_LE in xz_private.h 2018-10-02 08:44:59 +10:00
xz_stream.h lib/: replace HTTP links with HTTPS ones 2020-08-12 10:58:00 -07:00