More CRAM fuzz fixes (integer overflows) #1713
Merged
Commits on Dec 4, 2023
-
Avoid undefined behaviour integer overflow in extend_ref
Credit to OSS-Fuzz Fixes oss-fuzz 64646
-
Fix integer overflow in cram_compress_block2
The figure used here is somewhat arbitrary as it's simply a marker for something considerably worse than no compression, given it's used in places where the compression wasn't applied or fails. Although sz is long, it may get other modifiers and the CRAM block size is int so UINT_MAX seems like a natural "larger than possible" value to use. Credit to OSS-Fuzz Fixes oss-fuzz 64616
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.