From 9ae4f4ae4481b1e69d38ed810980d33103544613 Mon Sep 17 00:00:00 2001
From: Richard Biener
Date: Thu, 3 Aug 2023 15:21:51 +0200
Subject: [PATCH] [libbacktrace] fix up broken test zstdtest has some inline data where some testcases lack the uncompressed length field. Thus it computes that but still ends up allocating memory for the uncompressed buffer based on that (zero) length. Oops. Causes memory corruption if the allocator returns non-NULL. libbacktrace/ * zstdtest.c (test_samples): Properly compute the allocation size for the uncompressed data.
---
 zstdtest.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/zstdtest.c b/zstdtest.c
index fe31b15..6670b91 100644
--- a/zstdtest.c
+++ b/zstdtest.c
@@ -197,7 +197,11 @@ test_samples (struct backtrace_state *state)
 unsigned char *uncompressed;
 size_t uncompressed_len;
- uncompressed = (unsigned char *) malloc (tests[i].uncompressed_len);
+ uncompressed_len = tests[i].uncompressed_len;
+ if (uncompressed_len == 0)
+ uncompressed_len = strlen (tests[i].uncompressed);
+
+ uncompressed = (unsigned char *) malloc (uncompressed_len);
 if (uncompressed == NULL)
 {
 perror ("malloc");
@@ -206,10 +210,6 @@ test_samples (struct backtrace_state *state)
 continue;
 }
- uncompressed_len = tests[i].uncompressed_len;
- if (uncompressed_len == 0)
- uncompressed_len = strlen (tests[i].uncompressed);
-
 if (!backtrace_uncompress_zstd (state, ((const unsigned char *) tests[i].compressed),
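Review bot: The ordering dependency this fix restores is not recorded anywhere in the first hunk: `malloc (uncompressed_len)` is only correct because the `strlen` fallback now runs before it, so I would add a comment above the assignment such as `/* A zero uncompressed_len in the table means "use strlen"; resolve it before sizing the buffer. */`. A sample whose fallback length is also zero would still reach `malloc (0)`, which may return NULL and be reported through `perror` as an allocation failure; whether any table entry is empty is not visible here, so treat this as a question rather than a confirmed defect. Because the original undersized buffer only corrupted memory when the allocator returned non-NULL for a zero-size request, running this test under AddressSanitizer would make a regression of this kind fail deterministically instead of silently. The body of test_samples starts and ends outside the hunk.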