AuroraMiddleware/lz4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

address a few minor Visual warnings

Browse Source 
and created target cxx17build
This commit is contained in:
Yann Collet 2019-04-18 16:06:02 -07:00
parent 5a6d72447a
commit 0b876db6d4
7 changed files with 35 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Makefile
View File

@ -181,6 +181,14 @@ gpptest gpptest32: clean
CC=$(CC) $(MAKE) -C $(PRGDIR) all CFLAGS="$(CFLAGS)" CC=$(CC) $(MAKE) -C $(PRGDIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)" CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
cxx17build : CC = "$(CXX) -Wno-deprecated"
cxx17build : CFLAGS = -std=c++17 -Wall -Wextra -Wundef -Wshadow -Wcast-align -Werror
cxx17build : clean
$(CXX) -v
CC=$(CC) $(MAKE) -C $(LZ4DIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(PRGDIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
ctocpptest: LIBCC="$(CC)" ctocpptest: LIBCC="$(CC)"
ctocpptest: TESTCC="$(CXX)" ctocpptest: TESTCC="$(CXX)"
ctocpptest: CFLAGS="" ctocpptest: CFLAGS=""

29
doc/lz4_manual.html
View File

@ -454,21 +454,18 @@ union LZ4_streamDecode_u {
</p></pre><BR> </p></pre><BR>
<pre><b>LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe() instead") LZ4LIB_API <pre><b></b><p> These functions used to be faster than LZ4_decompress_safe(),
int LZ4_decompress_fast (const char* src, char* dst, int originalSize); but it has changed, and they are now slower than LZ4_decompress_safe().
LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_continue() instead") LZ4LIB_API This is because LZ4_decompress_fast() doesn't know the input size,
int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* src, char* dst, int originalSize); and therefore must progress more cautiously in the input buffer to not read beyond the end of block.
LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_usingDict() instead") LZ4LIB_API On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize, const char* dictStart, int dictSize);
</b><p> These functions used to be a bit faster than LZ4_decompress_safe(),
but situation has changed in recent versions.
Now, `LZ4_decompress_safe()` is as fast and sometimes even faster than `LZ4_decompress_fast()`.
Moreover, LZ4_decompress_safe() is protected vs malformed input, while `LZ4_decompress_fast()` is not, making it a security liability.
As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated. As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
Last LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size. The last remaining LZ4_decompress_fast() specificity is that
Note that even that functionality could be achieved in a more secure manner if need be, it can decompress a block without knowing its compressed size.
though it would require new prototypes, and adaptation of the implementation to this new use case. Such functionality could be achieved in a more secure manner,
by also providing the maximum size of input buffer,
but it would require new prototypes, and adaptation of the implementation to this new use case.
Parameters: Parameters:
originalSize : is the uncompressed size to regenerate. originalSize : is the uncompressed size to regenerate.
@ -477,9 +474,9 @@ int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize,
The function expects to finish at block's end exactly. The function expects to finish at block's end exactly.
If the source stream is detected malformed, the function stops decoding and returns a negative result. If the source stream is detected malformed, the function stops decoding and returns a negative result.
note : LZ4_decompress_fast*() requires originalSize. Thanks to this information, it never writes past the output buffer. note : LZ4_decompress_fast*() requires originalSize. Thanks to this information, it never writes past the output buffer.
However, since it doesn't know its 'src' size, it may read an unknown amount of input, and overflow input buffer. However, since it doesn't know its 'src' size, it may read an unknown amount of input, past input buffer bounds.
Also, since match offsets are not validated, match reads from 'src' may underflow. Also, since match offsets are not validated, match reads from 'src' may underflow too.
These issues never happen if input data is correct. These issues never happen if input (compressed) data is correct.
But they may happen if input data is invalid (error or intentional tampering). But they may happen if input data is invalid (error or intentional tampering).
As a consequence, use these functions in trusted environments with trusted data **only**. As a consequence, use these functions in trusted environments with trusted data **only**.

8
lib/lz4.h
View File

@ -638,9 +638,11 @@ LZ4_DEPRECATED("use LZ4_decompress_fast_usingDict() instead") LZ4LIB_API int LZ4
* On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability. * On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
* As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated. * As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
* *
* Only LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size. * The last remaining LZ4_decompress_fast() specificity is that
* Even that functionality could be achieved in a more secure manner if need be, * it can decompress a block without knowing its compressed size.
* though it would require new prototypes, and adaptation of the implementation to this new use case. * Such functionality could be achieved in a more secure manner,
* by also providing the maximum size of input buffer,
* but it would require new prototypes, and adaptation of the implementation to this new use case.
* *
* Parameters: * Parameters:
* originalSize : is the uncompressed size to regenerate. * originalSize : is the uncompressed size to regenerate.

1
lib/lz4hc.c
View File

@ -1396,6 +1396,7 @@ static int LZ4HC_compress_optimal ( LZ4HC_CCtx_internal* ctx,
} } } }
} /* for (cur = 1; cur <= last_match_pos; cur++) */ } /* for (cur = 1; cur <= last_match_pos; cur++) */
assert(last_match_pos < LZ4_OPT_NUM + TRAILING_LITERALS);
best_mlen = opt[last_match_pos].mlen; best_mlen = opt[last_match_pos].mlen;
best_off = opt[last_match_pos].off; best_off = opt[last_match_pos].off;
cur = last_match_pos - best_mlen; cur = last_match_pos - best_mlen;

7
tests/frametest.c
View File

@ -667,8 +667,8 @@ int basicTests(U32 seed, double compressibility)
for (blockSizeID = 4; blockSizeID < 8; ++blockSizeID) { for (blockSizeID = 4; blockSizeID < 8; ++blockSizeID) {
result = LZ4F_getBlockSize(blockSizeID); result = LZ4F_getBlockSize(blockSizeID);
CHECK(result); CHECK(result);
DISPLAYLEVEL(3, "Returned block size of %zu bytes for blockID %u \n", DISPLAYLEVEL(3, "Returned block size of %u bytes for blockID %u \n",
result, blockSizeID); (unsigned)result, blockSizeID);
} }
/* Test an invalid input that's too large */ /* Test an invalid input that's too large */
@ -770,7 +770,8 @@ static void locateBuffDiff(const void* buff1, const void* buff2, size_t size, un
const BYTE* b2=(const BYTE*)buff2; const BYTE* b2=(const BYTE*)buff2;
DISPLAY("locateBuffDiff: looking for error position \n"); DISPLAY("locateBuffDiff: looking for error position \n");
if (nonContiguous) { if (nonContiguous) {
DISPLAY("mode %u: non-contiguous output (%zu bytes), cannot search \n", nonContiguous, size); DISPLAY("mode %u: non-contiguous output (%u bytes), cannot search \n",
nonContiguous, (unsigned)size);
return; return;
} }
while (p < size && b1[p]==b2[p]) p++; while (p < size && b1[p]==b2[p]) p++;

4
tests/fullbench.c
View File

@ -162,13 +162,13 @@ static LZ4_stream_t LZ4_stream;
static void local_LZ4_resetDictT(void) static void local_LZ4_resetDictT(void)
{ {
void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream)); void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
assert(r != NULL); assert(r != NULL); (void)r;
} }
static void local_LZ4_createStream(void) static void local_LZ4_createStream(void)
{ {
void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream)); void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
assert(r != NULL); assert(r != NULL); (void)r;
} }
static int local_LZ4_saveDict(const char* in, char* out, int inSize) static int local_LZ4_saveDict(const char* in, char* out, int inSize)

4
tests/fuzzer.c
View File

@ -490,6 +490,7 @@ static int FUZ_test(U32 seed, U32 nbCycles, const U32 startCycle, const double c
/* Test decompress_fast() with input buffer size exactly correct => must not read out of bound */ /* Test decompress_fast() with input buffer size exactly correct => must not read out of bound */
{ char* const cBuffer_exact = (char*)malloc((size_t)compressedSize); { char* const cBuffer_exact = (char*)malloc((size_t)compressedSize);
assert(cBuffer_exact != NULL); assert(cBuffer_exact != NULL);
assert(compressedSize <= compressedBufferSize);
memcpy(cBuffer_exact, compressedBuffer, compressedSize); memcpy(cBuffer_exact, compressedBuffer, compressedSize);
/* Test decoding with output size exactly correct => must work */ /* Test decoding with output size exactly correct => must work */
@ -1302,9 +1303,8 @@ static void FUZ_unitTests(int compressionLevel)
int iNext = 0; int iNext = 0;
int dNext = 0; int dNext = 0;
int compressedSize; int compressedSize;
size_t const testVerifySize = testInputSize;
assert((size_t)dBufferSize * 2 + 1 < testVerifySize); /* space used by ringBufferSafe and ringBufferFast */ assert((size_t)dBufferSize * 2 + 1 < testInputSize); /* space used by ringBufferSafe and ringBufferFast */
XXH64_reset(&xxhOrig, 0); XXH64_reset(&xxhOrig, 0);
XXH64_reset(&xxhNewSafe, 0); XXH64_reset(&xxhNewSafe, 0);
XXH64_reset(&xxhNewFast, 0); XXH64_reset(&xxhNewFast, 0);