160611 – lzjb_uncompress possible access violation?

Bug 160611 - lzjb_uncompress possible access violation?

Summary: lzjb_uncompress possible access violation?

Status:	Open

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	Unspecified
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2011-09-10 07:30 UTC by Radio Młodych Bandytów
Modified:	2017-12-31 22:32 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Radio Młodych Bandytów 2011-09-10 07:30:10 UTC

As far as I can see, when checksumming is turned off or there's a
collision, it is possible that lzjb_uncompress is fed with corrupted
data. Source length is entirely ignored and since source has to be
shorter than dest, it is broken.

Comment 1 Eitan Adler freebsd_committer

2017-12-31 08:01:03 UTC

For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped