
Fix undefined behavior/crash in GZipEncoder

When the output buffer is full, outbuf[produced] references past the buffer end, leading to UB and a possible assertion failure.
Fixes #1968, #1964
Nikita Ofitserov, 3 years ago
parent
commit
42038422f6
1 changed file with 1 addition and 1 deletion

src/GZipEncoder.cc

@@ -87,7 +87,7 @@ std::string GZipEncoder::encode(const unsigned char* in, size_t length,
       throw DL_ABORT_EX(fmt("libz::deflate() failed. cause:%s", strm_->msg));
     }
     size_t produced = outbuf.size() - strm_->avail_out;
-    out.append(&outbuf[0], &outbuf[produced]);
+    out.append(outbuf.data(), outbuf.data() + produced);
     if (strm_->avail_out > 0) {
       break;
     }
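
Review bot: the `+` line fixes the out-of-range index but leaves no trace in the code of why `&outbuf[produced]` must not come back; since `produced` equals `outbuf.size()` whenever `strm_->avail_out` is 0, a one-line comment above the `out.append(...)` call saying so would keep a later cleanup from reintroducing the bug. If `outbuf` holds `char` elements (its declaration is not visible in this hunk), `out.append(outbuf.data(), produced)` would state the intent more directly than the pointer pair. The commit also adds no regression test; an input whose compressed output fills the buffer exactly would cover the `avail_out == 0` path that triggered #1968 and #1964.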