AuroraMiddleware/lz4
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Using size instead of LZ4_compressBound(size) <- causes heap overflow

Browse Source
This commit is contained in:
Bimba Shrestha 2019-09-23 11:54:56 -07:00
parent d5ceafd411
commit 192161e97e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ossfuzz/compress_frame_fuzzer.c
View File

@ -17,7 +17,7 @@
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, LZ4_compressBound(size));
FUZZ_dataProducer_t *producer = FUZZ_dataProducer_create(data, size);
LZ4F_preferences_t const prefs = FUZZ_dataProducer_preferences(producer);
size_t const dstCapacitySeed = FUZZ_dataProducer_retrieve32(producer);
size = FUZZ_dataProducer_remainingBytes(producer);