Closed
Description
Example:
```
>>> import lzma
>>> lzma._decode_filter_properties(lzma.FILTER_X86, b"")
Segmentation fault (core dumped)
```
In `_lzma__decode_filter_properties_impl` call to `lzma_properties_decode` returns `LZMA_OK` and leaves `filter.options` intact (that is uninitialized) if `filter.id` is id of a BCJ filter (FILTER_X86, FILTER_POWERPC, FILTER_IA64, FILTER_ARM, FILTER_ARMTHUMB, FILTER_SPARC) and `encoded_props->len` is equal to zero.

Lines 1487 to 1495 in 01cc9c1
```c
lzret = lzma_properties_decode(
        &filter, NULL, encoded_props->buf, encoded_props->len);
if (catch_lzma_error(state, lzret)) {
    return NULL;
}
result = build_filter_spec(&filter);
```
Then, in `build_filter_spec`, access to `f->options->start_offset` leads to segmentation fault:

Lines 489 to 499 in 01cc9c1
```c
    }
    case LZMA_FILTER_X86:
    case LZMA_FILTER_POWERPC:
    case LZMA_FILTER_IA64:
    case LZMA_FILTER_ARM:
    case LZMA_FILTER_ARMTHUMB:
    case LZMA_FILTER_SPARC: {
        lzma_options_bcj *options = f->options;
        ADD_FIELD(options, start_offset);
        break;
    }
```
The PR is on the way.
3.9-3.12 are affected for sure.
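
A self-contained model of the failure mode reported above, added here as an illustration; it is not CPython's or liblzma's code. `model_props_decode`, `model_filter`, `model_options_bcj` and `decode_start_offset` are hypothetical stand-ins: the decoder reports success for zero-length BCJ properties without producing an options struct, and the caller initializes the pointer and checks it before reading `start_offset`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the liblzma types named in the report. */
typedef struct { uint32_t start_offset; } model_options_bcj;
typedef struct { uint64_t id; void *options; } model_filter;
enum { MODEL_OK = 0, MODEL_OPTIONS_ERROR = 8 };  /* constructed values */

/* Models the decoder behaviour the report describes: for a BCJ filter,
 * zero-length properties are accepted and no options struct is produced. */
static int model_props_decode(model_filter *f, const uint8_t *buf, size_t len)
{
    if (len == 0)
        return MODEL_OK;                 /* f->options is left untouched */
    if (len != 4)
        return MODEL_OPTIONS_ERROR;
    model_options_bcj *opt = malloc(sizeof *opt);
    if (opt == NULL)
        return MODEL_OPTIONS_ERROR;
    memcpy(&opt->start_offset, buf, 4);  /* host byte order; model only */
    f->options = opt;
    return MODEL_OK;
}

/* Hardened consumer: returns 1 and writes *start_offset when the decoder
 * produced options, 0 when the filter carries none, -1 on decode error. */
static int decode_start_offset(const uint8_t *buf, size_t len,
                               uint32_t *start_offset)
{
    /* Initialize the pointer so a "success, nothing written" return
     * can be told apart from a populated options struct. */
    model_filter f = { .id = 4, .options = NULL };  /* id is a sample value */
    if (model_props_decode(&f, buf, len) != MODEL_OK)
        return -1;
    if (f.options == NULL)               /* success does not imply options */
        return 0;
    *start_offset = ((model_options_bcj *)f.options)->start_offset;
    free(f.options);
    return 1;
}
```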
Status
Done