diff options
| author | Alex Rønne Petersen <alex@alexrp.com> | 2025-03-31 17:50:32 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-31 17:50:32 +0200 |
| commit | c118cd6406dee6852ae427ff02ebbf053c44ef9a (patch) | |
| tree | 278195cdaa4b1770483accecbe39082fb2be892a /lib | |
| parent | 43ad87555e73da6c592b6a63baab7fcb0c5d3ebd (diff) | |
| parent | d034f2a87b24620cdd92a93ae35755222a8f26a7 (diff) | |
| download | zig-c118cd6406dee6852ae427ff02ebbf053c44ef9a.tar.gz zig-c118cd6406dee6852ae427ff02ebbf053c44ef9a.zip | |
Merge pull request #23417 from dweiller/zstd-fixes
Zstd fixes
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/std/compress/zstandard.zig | 19 | ||||
| -rw-r--r-- | lib/std/compress/zstandard/decode/block.zig | 1 | ||||
| -rw-r--r-- | lib/std/compress/zstandard/decompress.zig | 4 |
3 files changed, 22 insertions, 2 deletions
diff --git a/lib/std/compress/zstandard.zig b/lib/std/compress/zstandard.zig index 9092a2d130..7b41e1fe3e 100644 --- a/lib/std/compress/zstandard.zig +++ b/lib/std/compress/zstandard.zig @@ -289,3 +289,22 @@ test "zero sized block" { try expectEqualDecodedStreaming("", input_raw); try expectEqualDecodedStreaming("", input_rle); } + +test "declared raw literals size too large" { + const input_raw = + "\x28\xb5\x2f\xfd" ++ // zstandard frame magic number + "\x00\x00" ++ // frame header: everything unset, window descriptor zero + "\x95\x00\x00" ++ // block header with: last_block set, block_type compressed, block_size 18 + "\xbc\xf3\xae" ++ // literals section header with: type raw, size_format 3, regenerated_size 716603 + "\xa5\x9f\xe3"; // some bytes of literal content - the content is shorter than regenerated_size + + // Note that the regenerated_size in the above input is larger than block maximum size, so the + // block can't be valid as it is a raw literals block. + + var fbs = std.io.fixedBufferStream(input_raw); + var window: [1024]u8 = undefined; + var stream = decompressor(fbs.reader(), .{ .window_buffer = &window }); + + var buf: [1024]u8 = undefined; + try std.testing.expectError(error.MalformedBlock, stream.read(&buf)); +} diff --git a/lib/std/compress/zstandard/decode/block.zig b/lib/std/compress/zstandard/decode/block.zig index 101abfc9b7..49c6e7dc36 100644 --- a/lib/std/compress/zstandard/decode/block.zig +++ b/lib/std/compress/zstandard/decode/block.zig @@ -989,6 +989,7 @@ pub fn decodeLiteralsSection( const header = try decodeLiteralsHeader(source); switch (header.block_type) { .raw => { + if (buffer.len < header.regenerated_size) return error.LiteralsBufferTooSmall; try source.readNoEof(buffer[0..header.regenerated_size]); return LiteralsSection{ .header = header, diff --git a/lib/std/compress/zstandard/decompress.zig b/lib/std/compress/zstandard/decompress.zig index 86be16268f..adc7b89749 100644 --- a/lib/std/compress/zstandard/decompress.zig +++ b/lib/std/compress/zstandard/decompress.zig @@ -380,7 +380,7 @@ pub const FrameContext = struct { /// - `error.WindowSizeUnknown` if the frame does not have a valid window /// size /// - `error.WindowTooLarge` if the window size is larger than - /// `window_size_max` + /// `window_size_max` or `std.math.intMax(usize)` /// - `error.ContentSizeTooLarge` if the frame header indicates a content /// size larger than `std.math.maxInt(usize)` pub fn init( @@ -395,7 +395,7 @@ pub const FrameContext = struct { const window_size = if (window_size_raw > window_size_max) return error.WindowTooLarge else - @as(usize, @intCast(window_size_raw)); + std.math.cast(usize, window_size_raw) orelse return error.WindowTooLarge; const should_compute_checksum = frame_header.descriptor.content_checksum_flag and verify_checksum; |