File lzo-integer_overflow.patch of Package lzo.openSUSE_13.1_Update
--- a/minilzo/minilzo.c
+++ a/minilzo/minilzo.c
@@ -3547,6 +3547,8 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -3561,6 +3563,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -3572,6 +3575,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# undef TEST_OP
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -3602,11 +3606,13 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len,
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
@@ -3665,33 +3671,35 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
op = out;
ip = in;
+ NEED_IP(1);
if (*ip > 17)
{
t = *ip++ - 17;
if (t < 4)
goto match_next;
- assert(t > 0); NEED_OP(t); NEED_IP(t+1);
+ assert(t > 0); NEED_OP(t); NEED_IP(t+3);
do *op++ = *ip++; while (--t > 0);
goto first_literal_run;
}
- while (TEST_IP && TEST_OP)
+ for (;;)
{
+ NEED_IP(3);
t = *ip++;
if (t >= 16)
goto match;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
}
- assert(t > 0); NEED_OP(t+3); NEED_IP(t+4);
+ assert(t > 0); NEED_OP(t+3); NEED_IP(t+6);
#if defined(LZO_UNALIGNED_OK_8) && defined(LZO_UNALIGNED_OK_4)
t += 3;
if (t >= 8) do
@@ -3770,7 +3778,7 @@ first_literal_run:
#endif
goto match_done;
- do {
+ for (;;) {
match:
if (t >= 64)
{
@@ -3830,14 +3838,15 @@ match:
t &= 31;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -3874,14 +3883,15 @@ match:
t &= 7;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -4014,16 +4024,10 @@ match_next:
if (t > 1) { *op++ = *ip++; if (t > 2) { *op++ = *ip++; } }
#endif
t = *ip++;
- } while (TEST_IP && TEST_OP);
+ }
}
-#if defined(HAVE_TEST_IP) || defined(HAVE_TEST_OP)
- *out_len = pd(op, out);
- return LZO_E_EOF_NOT_FOUND;
-#endif
-
eof_found:
- assert(t == 1);
*out_len = pd(op, out);
return (ip == ip_end ? LZO_E_OK :
(ip < ip_end ? LZO_E_INPUT_NOT_CONSUMED : LZO_E_INPUT_OVERRUN));
@@ -4073,6 +4077,8 @@ lookbehind_overrun:
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -4087,6 +4093,7 @@ lookbehind_overrun:
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -4098,6 +4105,7 @@ lookbehind_overrun:
# undef TEST_OP
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -4128,11 +4136,13 @@ lookbehind_overrun:
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
#if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP)
@@ -4191,33 +4201,35 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
op = out;
ip = in;
+ NEED_IP(1);
if (*ip > 17)
{
t = *ip++ - 17;
if (t < 4)
goto match_next;
- assert(t > 0); NEED_OP(t); NEED_IP(t+1);
+ assert(t > 0); NEED_OP(t); NEED_IP(t+3);
do *op++ = *ip++; while (--t > 0);
goto first_literal_run;
}
- while (TEST_IP && TEST_OP)
+ for (;;)
{
+ NEED_IP(3);
t = *ip++;
if (t >= 16)
goto match;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
}
- assert(t > 0); NEED_OP(t+3); NEED_IP(t+4);
+ assert(t > 0); NEED_OP(t+3); NEED_IP(t+6);
#if defined(LZO_UNALIGNED_OK_8) && defined(LZO_UNALIGNED_OK_4)
t += 3;
if (t >= 8) do
@@ -4296,7 +4308,7 @@ first_literal_run:
#endif
goto match_done;
- do {
+ for (;;) {
match:
if (t >= 64)
{
@@ -4356,14 +4368,15 @@ match:
t &= 31;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -4400,14 +4413,15 @@ match:
t &= 7;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -4532,7 +4546,7 @@ match_done:
break;
match_next:
- assert(t > 0); assert(t < 4); NEED_OP(t); NEED_IP(t+1);
+ assert(t > 0); assert(t < 4); NEED_OP(t); NEED_IP(t+3);
#if 0
do *op++ = *ip++; while (--t > 0);
#else
@@ -4540,16 +4554,10 @@ match_next:
if (t > 1) { *op++ = *ip++; if (t > 2) { *op++ = *ip++; } }
#endif
t = *ip++;
- } while (TEST_IP && TEST_OP);
+ }
}
-#if defined(HAVE_TEST_IP) || defined(HAVE_TEST_OP)
- *out_len = pd(op, out);
- return LZO_E_EOF_NOT_FOUND;
-#endif
-
eof_found:
- assert(t == 1);
*out_len = pd(op, out);
return (ip == ip_end ? LZO_E_OK :
(ip < ip_end ? LZO_E_INPUT_NOT_CONSUMED : LZO_E_INPUT_OVERRUN));
--- a/src/lzo1_d.ch
+++ a/src/lzo1_d.ch
@@ -76,6 +76,8 @@
#undef TEST_LBO
#undef NEED_IP
#undef NEED_OP
+#undef TEST_IV
+#undef TEST_OV
#undef HAVE_TEST_IP
#undef HAVE_TEST_OP
#undef HAVE_NEED_IP
@@ -91,6 +93,7 @@
# if (LZO_TEST_OVERRUN_INPUT >= 2)
# define NEED_IP(x) \
if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun
# endif
#endif
@@ -102,6 +105,7 @@
# undef TEST_OP /* don't need both of the tests here */
# define NEED_OP(x) \
if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun
# endif
#endif
@@ -135,11 +139,13 @@
# define HAVE_NEED_IP 1
#else
# define NEED_IP(x) ((void) 0)
+# define TEST_IV(x) ((void) 0)
#endif
#if defined(NEED_OP)
# define HAVE_NEED_OP 1
#else
# define NEED_OP(x) ((void) 0)
+# define TEST_OV(x) ((void) 0)
#endif
--- a/src/lzo1b_d.ch
+++ a/src/lzo1b_d.ch
@@ -187,6 +187,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += (M4_MIN_LEN - M3_MIN_LEN) + *ip++;
--- a/src/lzo1f_d.ch
+++ a/src/lzo1f_d.ch
@@ -84,6 +84,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 31 + *ip++;
@@ -138,6 +139,7 @@ match:
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
--- a/src/lzo1x_d.ch
+++ a/src/lzo1x_d.ch
@@ -97,35 +97,37 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
op = out;
ip = in;
+ NEED_IP(1);
if (*ip > 17)
{
t = *ip++ - 17;
if (t < 4)
goto match_next;
- assert(t > 0); NEED_OP(t); NEED_IP(t+1);
+ assert(t > 0); NEED_OP(t); NEED_IP(t+3);
do *op++ = *ip++; while (--t > 0);
goto first_literal_run;
}
- while (TEST_IP && TEST_OP)
+ for (;;)
{
+ NEED_IP(3);
t = *ip++;
if (t >= 16)
goto match;
/* a literal run */
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_IV(t);
NEED_IP(1);
}
t += 15 + *ip++;
}
/* copy literals */
- assert(t > 0); NEED_OP(t+3); NEED_IP(t+4);
+ assert(t > 0); NEED_OP(t+3); NEED_IP(t+6);
#if defined(LZO_UNALIGNED_OK_8) && defined(LZO_UNALIGNED_OK_4)
t += 3;
if (t >= 8) do
@@ -208,7 +210,7 @@ first_literal_run:
/* handle matches */
- do {
+ for (;;) {
match:
if (t >= 64) /* a M2 match */
{
@@ -268,14 +270,15 @@ match:
t &= 31;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 31 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -312,14 +315,15 @@ match:
t &= 7;
if (t == 0)
{
- NEED_IP(1);
while (*ip == 0)
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += 7 + *ip++;
+ NEED_IP(2);
}
#if defined(COPY_DICT)
#if defined(LZO1Z)
@@ -446,7 +450,7 @@ match_done:
/* copy literals */
match_next:
- assert(t > 0); assert(t < 4); NEED_OP(t); NEED_IP(t+1);
+ assert(t > 0); assert(t < 4); NEED_OP(t); NEED_IP(t+3);
#if 0
do *op++ = *ip++; while (--t > 0);
#else
@@ -454,17 +458,10 @@ match_next:
if (t > 1) { *op++ = *ip++; if (t > 2) { *op++ = *ip++; } }
#endif
t = *ip++;
- } while (TEST_IP && TEST_OP);
+ }
}
-#if defined(HAVE_TEST_IP) || defined(HAVE_TEST_OP)
- /* no EOF code was found */
- *out_len = pd(op, out);
- return LZO_E_EOF_NOT_FOUND;
-#endif
-
eof_found:
- assert(t == 1);
*out_len = pd(op, out);
return (ip == ip_end ? LZO_E_OK :
(ip < ip_end ? LZO_E_INPUT_NOT_CONSUMED : LZO_E_INPUT_OVERRUN));
--- a/src/lzo2a_d.ch
+++ a/src/lzo2a_d.ch
@@ -131,6 +131,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len,
{
t += 255;
ip++;
+ TEST_OV(t);
NEED_IP(1);
}
t += *ip++;
