aboutsummaryrefslogtreecommitdiff
path: root/src/liblzma
diff options
context:
space:
mode:
authorLasse Collin <lasse.collin@tukaani.org>2008-02-02 14:51:06 +0200
committerLasse Collin <lasse.collin@tukaani.org>2008-02-02 14:51:06 +0200
commit1a3b21859818e4d8e89a1da99699233c1bfd197d (patch)
treef8904bce60857b0d74919ed4f2b658b24804c8b5 /src/liblzma
parentDo uncompressed size validation in raw encoder. This way (diff)
downloadxz-1a3b21859818e4d8e89a1da99699233c1bfd197d.tar.xz
Don't memzero() the history buffer when initializing LZ
decoder. There's no danger of information leak here, so it isn't required. Doing memzero() takes a lot of time with large dictionaries, which could make it easier to construct DoS attack to consume too much CPU time.
Diffstat (limited to '')
-rw-r--r--src/liblzma/lz/lz_decoder.c7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/liblzma/lz/lz_decoder.c b/src/liblzma/lz/lz_decoder.c
index 9c110dec..92aaff6a 100644
--- a/src/liblzma/lz/lz_decoder.c
+++ b/src/liblzma/lz/lz_decoder.c
@@ -429,10 +429,9 @@ lzma_lz_decoder_reset(lzma_lz_decoder *lz, lzma_allocator *allocator,
return LZMA_MEM_ERROR;
}
- // Clean up the buffers to make it very sure that there are
- // no information leaks when multiple steams are decoded
- // with the same decoder structures.
- memzero(lz->dict, dict_real_size);
+ // Clean up the temporary buffer to make it very sure that there are
+ // no information leaks when multiple steams are decoded with the
+ // same decoder structures.
memzero(lz->temp, LZMA_BUFFER_SIZE);
// Reset the variables so that lz_get_byte(lz, 0) will return '\0'.