Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: yawkat/lz4-java
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.9.0
Choose a base ref
...
head repository: yawkat/lz4-java
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.10.0
Choose a head ref
  • 5 commits
  • 13 files changed
  • 4 contributors

Commits on Dec 1, 2025

  1. Replace old repository links & improve README (#2) 

    * Replace old repository links & improve README

* Apply suggestion from @yawkat

---------

Co-authored-by: Jonas Konrad <[email protected]>
    @Marcono1234 @yawkat
    Marcono1234 and yawkat authored Dec 1, 2025
    Configuration menu
    Copy the full SHA
    a490933 View commit details
    Browse the repository at this point in the history

  2. Remove unused POM template files (#1)

    @Marcono1234
    Marcono1234 authored Dec 1, 2025
    Configuration menu
    Copy the full SHA
    bb16cca View commit details
    Browse the repository at this point in the history

  3. Hide util package from Javadoc (#4) 

    This matches the original Ant build:
https://github.com/lz4/lz4-java/blob/be9ce5759ec6cce99544c7112e434be11aedb1a8/build.xml#L336
    @Marcono1234
    Marcono1234 authored Dec 1, 2025
    Configuration menu
    Copy the full SHA
    4a238b6 View commit details
    Browse the repository at this point in the history

Commits on Dec 2, 2025

  1. Allow to create LZ4BlockInputStream with LZ4SafeDecompressor (#3) 

    - added builder for LZ4BlockInputStream which accepts both fast and safe decompressor (prefers fast one)

Co-authored-by: Mihhail Meshkov <[email protected]>
    @meshcow @mihhailmeshkov
    meshcow and mihhailmeshkov authored Dec 2, 2025
    Configuration menu
    Copy the full SHA
    999c401 View commit details
    Browse the repository at this point in the history

  2. Fix remaining ArrayIndexOutOfBoundsExceptions in LZ4DecompressorTest (#6 

    )

An ArrayIndexOutOfBoundsException could indicate either an out-of-bounds access, or invalid arguments (e.g. offset < 0). Since we want to detect the former in the fuzz tests, we need to make sure the latter doesn't happen. This PR:

- Disables the ArrayIndexOutOfBoundsException catch so that it's reported by the fuzzer
- Fixes a bug in the test where the src length was larger than allowed
- Adjusts the LZ4JNIFastDecompressor to throw an LZ4Exception on empty input rather than an ArrayIndexOutOfBoundsExceptions (made by @Marcono1234; not security relevant, this only changes the exception. LZ4JNIFastDecompressor is also disabled by default due to CVE-2025-12183)

With these changes, a quick fuzz run now only shows the native_fast_* tests failing, both with a segfault, which is expected due to CVE-2025-12183.
    @yawkat
    yawkat authored Dec 2, 2025
    Configuration menu
    Copy the full SHA
    d2d01a7 View commit details
    Browse the repository at this point in the history
Loading