AuroraMiddleware/lz4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

address a few minor Visual warnings

Browse Source 
and created target cxx17build
This commit is contained in:
Yann Collet 2019-04-18 16:06:02 -07:00
parent 5a6d72447a
commit 0b876db6d4
7 changed files with 35 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Makefile
View File

@ -181,6 +181,14 @@ gpptest gpptest32: clean
CC=$(CC) $(MAKE) -C $(PRGDIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
cxx17build : CC = "$(CXX) -Wno-deprecated"
cxx17build : CFLAGS = -std=c++17 -Wall -Wextra -Wundef -Wshadow -Wcast-align -Werror
cxx17build : clean
$(CXX) -v
CC=$(CC) $(MAKE) -C $(LZ4DIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(PRGDIR) all CFLAGS="$(CFLAGS)"
CC=$(CC) $(MAKE) -C $(TESTDIR) all CFLAGS="$(CFLAGS)"
ctocpptest: LIBCC="$(CC)"
ctocpptest: TESTCC="$(CXX)"
ctocpptest: CFLAGS=""

29
doc/lz4_manual.html
View File

@ -454,21 +454,18 @@ union LZ4_streamDecode_u {
</p></pre><BR>
<pre><b>LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe() instead") LZ4LIB_API
int LZ4_decompress_fast (const char* src, char* dst, int originalSize);
LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_continue() instead") LZ4LIB_API
int LZ4_decompress_fast_continue (LZ4_streamDecode_t* LZ4_streamDecode, const char* src, char* dst, int originalSize);
LZ4_DEPRECATED("This function is deprecated and unsafe. Consider using LZ4_decompress_safe_usingDict() instead") LZ4LIB_API
int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize, const char* dictStart, int dictSize);
</b><p> These functions used to be a bit faster than LZ4_decompress_safe(),
but situation has changed in recent versions.
Now, `LZ4_decompress_safe()` is as fast and sometimes even faster than `LZ4_decompress_fast()`.
Moreover, LZ4_decompress_safe() is protected vs malformed input, while `LZ4_decompress_fast()` is not, making it a security liability.
<pre><b></b><p> These functions used to be faster than LZ4_decompress_safe(),
but it has changed, and they are now slower than LZ4_decompress_safe().
This is because LZ4_decompress_fast() doesn't know the input size,
and therefore must progress more cautiously in the input buffer to not read beyond the end of block.
On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
Last LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size.
Note that even that functionality could be achieved in a more secure manner if need be,
though it would require new prototypes, and adaptation of the implementation to this new use case.
The last remaining LZ4_decompress_fast() specificity is that
it can decompress a block without knowing its compressed size.
Such functionality could be achieved in a more secure manner,
by also providing the maximum size of input buffer,
but it would require new prototypes, and adaptation of the implementation to this new use case.
Parameters:
originalSize : is the uncompressed size to regenerate.
@ -477,9 +474,9 @@ int LZ4_decompress_fast_usingDict (const char* src, char* dst, int originalSize,
The function expects to finish at block's end exactly.
If the source stream is detected malformed, the function stops decoding and returns a negative result.
note : LZ4_decompress_fast*() requires originalSize. Thanks to this information, it never writes past the output buffer.
However, since it doesn't know its 'src' size, it may read an unknown amount of input, and overflow input buffer.
Also, since match offsets are not validated, match reads from 'src' may underflow.
These issues never happen if input data is correct.
However, since it doesn't know its 'src' size, it may read an unknown amount of input, past input buffer bounds.
Also, since match offsets are not validated, match reads from 'src' may underflow too.
These issues never happen if input (compressed) data is correct.
But they may happen if input data is invalid (error or intentional tampering).
As a consequence, use these functions in trusted environments with trusted data **only**.

8
lib/lz4.h
View File

@ -638,9 +638,11 @@ LZ4_DEPRECATED("use LZ4_decompress_fast_usingDict() instead") LZ4LIB_API int LZ4
* On top of that `LZ4_decompress_fast()` is not protected vs malformed or malicious inputs, making it a security liability.
* As a consequence, LZ4_decompress_fast() is strongly discouraged, and deprecated.
*
* Only LZ4_decompress_fast() specificity is that it can decompress a block without knowing its compressed size.
* Even that functionality could be achieved in a more secure manner if need be,
* though it would require new prototypes, and adaptation of the implementation to this new use case.
* The last remaining LZ4_decompress_fast() specificity is that
* it can decompress a block without knowing its compressed size.
* Such functionality could be achieved in a more secure manner,
* by also providing the maximum size of input buffer,
* but it would require new prototypes, and adaptation of the implementation to this new use case.
*
* Parameters:
* originalSize : is the uncompressed size to regenerate.

1
lib/lz4hc.c
View File

@ -1396,6 +1396,7 @@ static int LZ4HC_compress_optimal ( LZ4HC_CCtx_internal* ctx,
} }
} /* for (cur = 1; cur <= last_match_pos; cur++) */
assert(last_match_pos < LZ4_OPT_NUM + TRAILING_LITERALS);
best_mlen = opt[last_match_pos].mlen;
best_off = opt[last_match_pos].off;
cur = last_match_pos - best_mlen;

7
tests/frametest.c
View File

@ -667,8 +667,8 @@ int basicTests(U32 seed, double compressibility)
for (blockSizeID = 4; blockSizeID < 8; ++blockSizeID) {
result = LZ4F_getBlockSize(blockSizeID);
CHECK(result);
DISPLAYLEVEL(3, "Returned block size of %zu bytes for blockID %u \n",
result, blockSizeID);
DISPLAYLEVEL(3, "Returned block size of %u bytes for blockID %u \n",
(unsigned)result, blockSizeID);
}
/* Test an invalid input that's too large */
@ -770,7 +770,8 @@ static void locateBuffDiff(const void* buff1, const void* buff2, size_t size, un
const BYTE* b2=(const BYTE*)buff2;
DISPLAY("locateBuffDiff: looking for error position \n");
if (nonContiguous) {
DISPLAY("mode %u: non-contiguous output (%zu bytes), cannot search \n", nonContiguous, size);
DISPLAY("mode %u: non-contiguous output (%u bytes), cannot search \n",
nonContiguous, (unsigned)size);
return;
}
while (p < size && b1[p]==b2[p]) p++;

4
tests/fullbench.c
View File

@ -162,13 +162,13 @@ static LZ4_stream_t LZ4_stream;
static void local_LZ4_resetDictT(void)
{
void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
assert(r != NULL);
assert(r != NULL); (void)r;
}
static void local_LZ4_createStream(void)
{
void* const r = LZ4_initStream(&LZ4_stream, sizeof(LZ4_stream));
assert(r != NULL);
assert(r != NULL); (void)r;
}
static int local_LZ4_saveDict(const char* in, char* out, int inSize)

4
tests/fuzzer.c
View File

@ -490,6 +490,7 @@ static int FUZ_test(U32 seed, U32 nbCycles, const U32 startCycle, const double c
/* Test decompress_fast() with input buffer size exactly correct => must not read out of bound */
{ char* const cBuffer_exact = (char*)malloc((size_t)compressedSize);
assert(cBuffer_exact != NULL);
assert(compressedSize <= compressedBufferSize);
memcpy(cBuffer_exact, compressedBuffer, compressedSize);
/* Test decoding with output size exactly correct => must work */
@ -1302,9 +1303,8 @@ static void FUZ_unitTests(int compressionLevel)
int iNext = 0;
int dNext = 0;
int compressedSize;
size_t const testVerifySize = testInputSize;
assert((size_t)dBufferSize * 2 + 1 < testVerifySize); /* space used by ringBufferSafe and ringBufferFast */
assert((size_t)dBufferSize * 2 + 1 < testInputSize); /* space used by ringBufferSafe and ringBufferFast */
XXH64_reset(&xxhOrig, 0);
XXH64_reset(&xxhNewSafe, 0);
XXH64_reset(&xxhNewFast, 0);