diff options
author | Lasse Collin <lasse.collin@tukaani.org> | 2009-04-28 23:08:32 +0300 |
---|---|---|
committer | Lasse Collin <lasse.collin@tukaani.org> | 2009-04-28 23:08:32 +0300 |
commit | 21c6b94373d239d7e86bd480fcd558e30391712f (patch) | |
tree | 072a944fecdd87fcd25a80a723d8b1d220d2f642 /src/liblzma/common/index_decoder.c | |
parent | Fix uint32_t -> size_t in ARM and ARM-Thumb filters. (diff) | |
download | xz-21c6b94373d239d7e86bd480fcd558e30391712f.tar.xz |
Fixed a crash in liblzma.
liblzma tries to avoid useless free()/malloc() pairs in
initialization when multiple files are handled using the
same lzma_stream. This didn't work with filter chains
due to comparison of wrong pointers in lzma_next_coder_init(),
making liblzma think that no memory reallocation is needed
even when it actually is.
Easy way to trigger this bug is to decompress two files with
a single xz command. The first file should have e.g. x86+LZMA2
as the filter chain, and the second file just LZMA2.
Diffstat (limited to 'src/liblzma/common/index_decoder.c')
-rw-r--r-- | src/liblzma/common/index_decoder.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/liblzma/common/index_decoder.c b/src/liblzma/common/index_decoder.c index 4145a450..51e9de38 100644 --- a/src/liblzma/common/index_decoder.c +++ b/src/liblzma/common/index_decoder.c @@ -243,7 +243,7 @@ static lzma_ret index_decoder_init(lzma_next_coder *next, lzma_allocator *allocator, lzma_index **i, uint64_t memlimit) { - lzma_next_coder_init(index_decoder_init, next, allocator); + lzma_next_coder_init(&index_decoder_init, next, allocator); if (i == NULL || memlimit == 0) return LZMA_PROG_ERROR; |