| commit | 21c6b94373d239d7e86bd480fcd558e30391712f | |
| author | Lasse Collin <lasse.collin@tukaani.org> | |
| Tue, 28 Apr 2009 20:08:32 +0000 (28 23:08 +0300) | ||
| committer | Lasse Collin <lasse.collin@tukaani.org> | |
| Tue, 28 Apr 2009 20:08:32 +0000 (28 23:08 +0300) | ||
| tree | 072a944fecdd87fcd25a80a723d8b1d220d2f642 | treesnapshot (tar.gz zip) |
| parent | e518d167aa5958e469982f4fb3a24b9b6a2b5d1c | commitdiff |
Fixed a crash in liblzma.
liblzma tries to avoid useless free()/malloc() pairs in
initialization when multiple files are handled using the
same lzma_stream. This didn't work with filter chains
due to comparison of wrong pointers in lzma_next_coder_init(),
making liblzma think that no memory reallocation is needed
even when it actually is.
Easy way to trigger this bug is to decompress two files with
a single xz command. The first file should have e.g. x86+LZMA2
as the filter chain, and the second file just LZMA2.
liblzma tries to avoid useless free()/malloc() pairs in
initialization when multiple files are handled using the
same lzma_stream. This didn't work with filter chains
due to comparison of wrong pointers in lzma_next_coder_init(),
making liblzma think that no memory reallocation is needed
even when it actually is.
Easy way to trigger this bug is to decompress two files with
a single xz command. The first file should have e.g. x86+LZMA2
as the filter chain, and the second file just LZMA2.