Fix CVE-2025-62813
This is a backport of lz4 mainline commit:
f64efec011c058bd70348576438abac222fe6c82
Which security people identified as a security vulnerability:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-62813
https://www.cve.org/CVERecord?id=CVE-2025-62813
f64efec011
This commit is contained in:
Thomas Renninger
parent
bbb895436f
commit
93137e9042
1 changed files with 5 additions and 0 deletions
|
|
@ -64,6 +64,7 @@ You can contact the author at :
|
|||
#include "lz4hc.h"
|
||||
#include "xxhash.h"
|
||||
|
||||
#include <assert.h>
|
||||
|
||||
/**************************************
|
||||
* Basic Types
|
||||
|
|
@ -930,6 +931,10 @@ LZ4F_errorCode_t LZ4F_getFrameInfo(LZ4F_decompressionContext_t dCtx, LZ4F_frameI
|
|||
{
|
||||
LZ4F_dctx_t* dctxPtr = (LZ4F_dctx_t*)dCtx;
|
||||
|
||||
assert(dCtx != NULL);
|
||||
if (frameInfoPtr == NULL || srcSizePtr == NULL)
|
||||
return (size_t)-LZ4F_ERROR_srcPtr_wrong;
|
||||
|
||||
if (dctxPtr->dStage > dstage_storeHeader) /* note : requires dstage_* header related to be at beginning of enum */
|
||||
{
|
||||
size_t o=0, i=0;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue