Open elasota opened 3 months ago
I guess this is actually a 2-part bug: libdeflate_gdeflate_compress_bound
returns too small of a value, but libdeflate_gdeflate_compress
is also supposed to fail safely if more output is written than is specified in the page buffer, which it sometimes does, but with this sample, it is stomping memory above the provided limit.
While running some tests, GDeflateDemo crashed due to stack corruption. Upon testing, it turns out that this was due to
libdeflate_gdeflate_compress
writing more data thanlibdeflate_gdeflate_compress_bound
indicated was the upper limit.Reproduction steps:
GDeflateDemo /compress gdeflatecrash.bin .
gdeflatecrash.zip