mirror of
https://github.com/RGBCube/serenity
synced 2025-07-26 06:07:44 +00:00
LibCompress: Avoid buffer overrun when building canonical Huffman code
Previously, decompressing a DEFLATE stream an invalid canonical Huffman code could cause a buffer overrun. We now return an error in this case.
This commit is contained in:
parent
bc6638682d
commit
2f26a7bb12
2 changed files with 10 additions and 0 deletions
|
@ -100,6 +100,9 @@ ErrorOr<CanonicalCode> CanonicalCode::from_bytes(ReadonlyBytes bytes)
|
|||
return Error::from_string_literal("Failed to decode code lengths");
|
||||
|
||||
if (code_length <= CanonicalCode::max_allowed_prefixed_code_length) {
|
||||
if (number_of_prefix_codes >= prefix_codes.size())
|
||||
return Error::from_string_literal("Invalid canonical Huffman code");
|
||||
|
||||
auto& prefix_code = prefix_codes[number_of_prefix_codes++];
|
||||
prefix_code.symbol_code = next_code;
|
||||
prefix_code.symbol_value = symbol;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue