Skip to content

Commit

Permalink
zstd: Disallow 0 sized compressed blocks. (#522)
Browse files Browse the repository at this point in the history
  • Loading branch information
klauspost authored Mar 9, 2022
1 parent 96d0db7 commit 7d515e0
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions zstd/blockdec.go
Original file line number Diff line number Diff line change
Expand Up @@ -167,6 +167,11 @@ func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
}
return ErrCompressedSizeTooBig
}
// Empty compressed blocks not valid in practice,
// see https://github.com/facebook/zstd/issues/3090
if cSize < 3 {
return ErrBlockTooSmall
}
case blockTypeRaw:
if cSize > maxCompressedBlockSize || cSize > int(b.WindowSize) {
if debugDecoder {
Expand Down Expand Up @@ -491,6 +496,9 @@ func (b *blockDec) decodeCompressed(hist *history) error {
}

func (b *blockDec) prepareSequences(in []byte, hist *history) (err error) {
if debugDecoder {
printf("prepareSequences: %d byte(s) input\n", len(in))
}
// Decode Sequences
// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#sequences-section
if len(in) < 1 {
Expand All @@ -499,8 +507,6 @@ func (b *blockDec) prepareSequences(in []byte, hist *history) (err error) {
var nSeqs int
seqHeader := in[0]
switch {
case seqHeader == 0:
in = in[1:]
case seqHeader < 128:
nSeqs = int(seqHeader)
in = in[1:]
Expand Down
Binary file modified zstd/testdata/bad.zip
Binary file not shown.

0 comments on commit 7d515e0

Please sign in to comment.