cmcqueen / lzs-compression

Compression using LZS-style algorithm, derived from LZ77-style
MIT License

stack-buffer-overflow detected in Clang AddressSanitizer #8

Open philcaonz opened 5 years ago

philcaonz commented 5 years ago
==18859==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xffce2ae6 at pc 0x0817261a bp 0xffcdf7a8 sp 0xffcdf79c
READ of size 1 at 0xffce2ae6 thread T0
    #0 0x8172619 in lzs_compress /builds/Application/dependencies/lzs/src/liblzs/lzs-compression.c:390:45

The offending line appears to be https://github.com/cmcqueen/lzs-compression/blob/6ba10b71a0883e726b9fb368eb32e6ea246ee293/c/src/liblzs/lzs-compression.c#L390

I'm suspecting the overflow is due to inPtr + 1 when inPtr is already at the last element of the input array.
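The pattern described in this report, a two-byte lookahead read at the last input byte, is illustrated below with an added example that is not the lzs-compression project's own code: a minimal LZ77-style tokenizer whose `in[pos + 1]` read is guarded by `pos + 1 < inLen`, so the final byte is emitted as a literal rather than compared against one byte past the end of the buffer. The token layout and the `MIN_MATCH`/`MAX_MATCH` values are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example, not lzs-compression's code.
 * A token is either a literal (len == 0) or a back-reference (offset, len). */
typedef struct { uint16_t offset; uint16_t len; uint8_t lit; } lz_token;

#define MIN_MATCH 2   /* assumed: matches are found via a 2-byte prefix */
#define MAX_MATCH 255 /* assumed cap on match length */

/* Tokenise in[0..inLen) into out (capacity outCap). Returns the token
 * count, or -1 if out is too small. Every read of in[i + 1] is reached
 * only when i + 1 < inLen, which is the check a lookahead of one byte
 * needs at the last element of the input. */
int lz_tokenize(const uint8_t *in, size_t inLen, lz_token *out, size_t outCap)
{
    size_t pos = 0, n = 0;
    while (pos < inLen) {
        size_t bestLen = 0, bestOff = 0;
        if (pos + 1 < inLen) {                 /* a full 2-byte prefix exists */
            for (size_t cand = 0; cand < pos; cand++) {
                /* cand + 1 <= pos < inLen, so both reads are in range */
                if (in[cand] != in[pos] || in[cand + 1] != in[pos + 1])
                    continue;
                size_t len = 2;
                while (len < MAX_MATCH && pos + len < inLen &&
                       in[cand + len] == in[pos + len])
                    len++;                     /* cand + len < pos + len < inLen */
                if (len > bestLen) { bestLen = len; bestOff = pos - cand; }
            }
        }
        if (n >= outCap) return -1;
        if (bestLen >= MIN_MATCH) {
            out[n].offset = (uint16_t)bestOff; out[n].len = (uint16_t)bestLen;
            out[n].lit = 0; pos += bestLen;
        } else {
            out[n].offset = 0; out[n].len = 0; out[n].lit = in[pos]; pos++;
        }
        n++;
    }
    return (int)n;
}

int main(void)
{
    const uint8_t sample[] = "abcabcabcd";   /* constructed input, 10 bytes */
    lz_token toks[16];
    int n = lz_tokenize(sample, 10, toks, 16);
    printf("%d tokens; last token is literal '%c'\n", n, toks[n - 1].lit);
    return 0;
}
```

Built with `-fsanitize=address`, the tokenizer stays clean on inputs of length 1 and 2, which are exactly the cases where an unguarded `pos + 1` read would trip the same stack-buffer-overflow report.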