group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #33663
[Bug 1851499] Re: lz4 SIGSEGV in LZ4_decompress_generic
** Changed in: lz4 (Ubuntu Focal)
Status: Triaged => Fix Released
** Also affects: lz4 (Ubuntu Eoan)
Importance: Undecided
Status: New
** Also affects: lz4 (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: lz4 (Ubuntu Eoan)
Status: New => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1851499
Title:
lz4 SIGSEGV in LZ4_decompress_generic
Status in lz4 package in Ubuntu:
Fix Released
Status in lz4 source package in Xenial:
New
Status in lz4 source package in Bionic:
New
Status in lz4 source package in Disco:
New
Status in lz4 source package in Eoan:
Fix Released
Status in lz4 source package in Focal:
Fix Released
Bug description:
Affected packages:
https://packages.ubuntu.com/xenial/liblz4-1
https://packages.ubuntu.com/bionic/liblz4-1
https://packages.ubuntu.com/cosmic/liblz4-1
https://packages.ubuntu.com/disco/liblz4-1
Non-Affected packages:
https://packages.ubuntu.com/eoan/liblz4-1
Description:
I got SIGSEGV with lz4, when trying to read a corrupted stream
No null ptr check of source in LZ4_decompress_generic
Description of problem:
No null ptr check of source in LZ4_decompress_generic
(gdb) bt
#0 0x00007ffff74ede70 in LZ4_decompress_generic (source=0x0,
dest=0x631000028800 "press.foo.bar.6057 1
349830001\ncompress.foo.bar.6058 1 349830001\ncompress.foo.bar.6059 1
349830001\ncompress.foo.bar.6060 1 349830001\ncompress.foo.bar.6061 1
349830001\ncompress.foo.bar.6062 1 349830001"..., inputSize=1253,
outputSize=65536, endOnInput=1, partialDecoding=0, targetOutputSize=0,
dict=0,
lowPrefix=0x631000028800 "press.foo.bar.6057 1
349830001\ncompress.foo.bar.6058 1 349830001\ncompress.foo.bar.6059 1
349830001\ncompress.foo.bar.6060 1 349830001\ncompress.foo.bar.6061 1
349830001\ncompress.foo.bar.6062 1 349830001"..., dictStart=0x0,
dictSize=0) at lz4.c:1157
#1 LZ4_decompress_safe (source=0x0,
dest=0x631000028800 "press.foo.bar.6057 1
349830001\ncompress.foo.bar.6058 1 349830001\ncompress.foo.bar.6059 1
349830001\ncompress.foo.bar.6060 1 349830001\ncompress.foo.bar.6061 1
349830001\ncompress.foo.bar.6062 1 349830001"..., compressedSize=1253,
maxDecompressedSize=65536) at lz4.c:1290
#2 0x00007ffff7560631 in LZ4F_decompress_safe (source=0x0,
dest=0x631000028800 "press.foo.bar.6057 1
349830001\ncompress.foo.bar.6058 1 349830001\ncompress.foo.bar.6059 1
349830001\ncompress.foo.bar.6060 1 349830001\ncompress.foo.bar.6061 1
349830001\ncompress.foo.bar.6062 1 349830001"..., compressedSize=1253,
maxDecompressedSize=65536,
dictStart=0x631000028800 "press.foo.bar.6057 1
349830001\ncompress.foo.bar.6058 1 349830001\ncompress.foo.bar.6059 1
349830001\ncompress.foo.bar.6060 1 349830001\ncompress.foo.bar.6061 1
349830001\ncompress.foo.bar.6062 1 349830001"..., dictSize=0) at
lz4frame.c:957
#3 0x00007ffff755595b in LZ4F_decompress
(decompressionContext=0x61100000ff40, dstBuffer=0x7fffe8bdd82c,
dstSizePtr=0x7ffff0cf96e0, srcBuffer=0x62d000014400,
srcSizePtr=0x7ffff0cf96c0,
decompressOptionsPtr=0x7ffff0cf8120) at lz4frame.c:1294
Version-Release number of selected component (if applicable):
In lz4 from HEAD bug was fixed
https://github.com/lz4/lz4/blob/master/lib/lz4.c#L1668
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lz4/+bug/1851499/+subscriptions
