[core/zip] Validate target size before compression

hahnjo · hahnjo · commit 23261a631c9e · 2024-02-08T08:31:53.000+01:00
In practice, the target size is greater or equal the source size in most
cases for ROOT, but add this additional correct check to fuzz the inputs
in the next commit.
diff --git a/core/zip/src/RZip.cxx b/core/zip/src/RZip.cxx
@@ -78,14 +78,18 @@ unsigned long R__crc32(unsigned long crc, const unsigned char* buf, unsigned int
 /*                      3 = old */
 void R__zipMultipleAlgorithm(int cxlevel, int *srcsize, char *src, int *tgtsize, char *tgt, int *irep, ROOT::RCompressionSetting::EAlgorithm::EValues compressionAlgorithm)
 {
+  *irep = 0;
 
+  // Performance optimization: avoid compressing tiny source buffers.
   if (*srcsize < 1 + HDRSIZE + 1) {
-     *irep = 0;
+     return;
+  }
+  // Correctness check: we need at least enough bytes to prepend the header!
+  if (*tgtsize <= HDRSIZE) {
      return;
   }
 
   if (cxlevel <= 0) {
-    *irep = 0;
     return;
   }
 

Original file line number	Diff line number	Diff line change
`@@ -78,14 +78,18 @@ unsigned long R__crc32(unsigned long crc, const unsigned char* buf, unsigned int`
`78`	`78`	`/* 3 = old */`
`79`	`79`	`void R__zipMultipleAlgorithm(int cxlevel, int srcsize, char src, int tgtsize, char tgt, int *irep, ROOT::RCompressionSetting::EAlgorithm::EValues compressionAlgorithm)`
`80`	`80`	`{`
	`81`	`+ *irep = 0;`
`81`	`82`
	`83`	`+ // Performance optimization: avoid compressing tiny source buffers.`
`82`	`84`	`if (*srcsize < 1 + HDRSIZE + 1) {`
`83`		`- *irep = 0;`
	`85`	`+ return;`
	`86`	`+ }`
	`87`	`+ // Correctness check: we need at least enough bytes to prepend the header!`
	`88`	`+ if (*tgtsize <= HDRSIZE) {`
`84`	`89`	`return;`
`85`	`90`	`}`
`86`	`91`
`87`	`92`	`if (cxlevel <= 0) {`
`88`		`- *irep = 0;`
`89`	`93`	`return;`
`90`	`94`	`}`
`91`	`95`