From a9b6043983b2ebd9d5c0f72043b17110b54f1910 Mon Sep 17 00:00:00 2001
From: Richard Biener
Date: Thu, 3 Aug 2023 15:21:51 +0200
Subject: [PATCH] [libbacktrace] fix up broken test

zstdtest has some inline data where some testcases lack the uncompressed length field. Thus it computes that but still ends up allocating memory for the uncompressed buffer based on that (zero) length. Oops. Causes memory corruption if the allocator returns non-NULL.

libbacktrace/
* zstdtest.c (test_samples): Properly compute the allocation size for the uncompressed data.
---
 libbacktrace/zstdtest.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/libbacktrace/zstdtest.c b/libbacktrace/zstdtest.c
index 1b4158a50eb..1a27d90e29e 100644
--- a/libbacktrace/zstdtest.c
+++ b/libbacktrace/zstdtest.c
@@ -197,7 +197,11 @@ test_samples (struct backtrace_state *state)
 unsigned char *uncompressed;
 size_t uncompressed_len;

- uncompressed = (unsigned char *) malloc (tests[i].uncompressed_len);
+ uncompressed_len = tests[i].uncompressed_len;
+ if (uncompressed_len == 0)
+ uncompressed_len = strlen (tests[i].uncompressed);
+
+ uncompressed = (unsigned char *) malloc (uncompressed_len);
 if (uncompressed == NULL)
 {
 perror ("malloc");
@@ -206,10 +210,6 @@ test_samples (struct backtrace_state *state)
 continue;
 }

- uncompressed_len = tests[i].uncompressed_len;
- if (uncompressed_len == 0)
- uncompressed_len = strlen (tests[i].uncompressed);
-
 if (!backtrace_uncompress_zstd (state,
 ((const unsigned char *)
 tests[i].compressed),
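Review bot: The size passed to `malloc` in the first hunk can still be zero when a sample's expected output is the empty string, because `strlen` then returns 0; `malloc (0)` is allowed to return NULL, and the unchanged check below would report that as an allocation failure with a misleading `perror`. Whether `tests[]` holds such an entry is not visible here, so this is a robustness point and not a confirmed failure; `uncompressed = (unsigned char *) malloc (uncompressed_len ? uncompressed_len : 1);` avoids it. Since the statement order is what keeps the decompressor from writing past the buffer, a one-line comment above the block such as `/* Samples may omit uncompressed_len; derive it before sizing the buffer. */` would guard against the statements being reordered again. The body of test_samples starts and ends outside this hunk.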