cryptopp
bug in upper_bound search
- State the operating system and version (Ubuntu 17 x86_64, Windows 7 Professional x64, etc): Windows 10
- State the version of the Crypto++ library (Crypto++ 7.0, Master, etc): 5.6.2
There is a bug when doing upper_bound search with distance equal to 0:
https://github.com/weidai11/cryptopp/blob/0a7a16472643597b415f017b3e53f68168217542/zdeflate.cpp#L581
This expression results in (unsigned int)(0-1), and so a segfault happens later when trying to access distanceBases.
Thanks @dvgrinberg.
Do you have a reproducer or suggested fix?
Maybe something like:
distanceCode = distanceBases == 0 ? 0 : (upper_bound(distanceBases, distanceBases+30, distance) - distanceBases - 1);
> Thanks @dvgrinberg.
> Do you have a reproducer or suggested fix?
I'm not really familiar with this library, is it even appropriate to call this function with distance==0? Maybe the actual bug was before
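
The index wrap-around discussed in this thread, as an added example (not Crypto++ code and not written by any participant). It assumes the 30-entry table holds the DEFLATE distance base values from RFC 1951; `kDistanceBases`, `UncheckedDistanceCode` and `CheckedDistanceCode` are hypothetical names, and rejecting out-of-range distances is one possible policy, not the project's fix.

```cpp
#include <algorithm>
#include <climits>
#include <cstdio>
#include <iterator>

// DEFLATE distance base values (RFC 1951, codes 0..29). Assumed to match the
// 30-entry distanceBases table referenced in the issue.
static const unsigned int kDistanceBases[30] = {
    1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, 257, 385, 513,
    769, 1025, 1537, 2049, 3073, 4097, 6145, 8193, 12289, 16385, 24577};

// Same shape as the expression in the issue: no range check on distance.
// For distance == 0, upper_bound returns the first element, so the
// subtraction yields -1, which the cast turns into UINT_MAX.
unsigned int UncheckedDistanceCode(unsigned int distance) {
    return (unsigned int)(std::upper_bound(kDistanceBases, kDistanceBases + 30,
                                           distance) - kDistanceBases - 1);
}

// Hypothetical checked variant: DEFLATE distances are 1..32768, so anything
// else is reported to the caller instead of being turned into a table index.
bool CheckedDistanceCode(unsigned int distance, unsigned int &code) {
    const unsigned int *first = std::begin(kDistanceBases);
    const unsigned int *it = std::upper_bound(first, std::end(kDistanceBases), distance);
    if (it == first || distance > 32768)
        return false;  // distance == 0 (below every base) or past the window
    code = (unsigned int)(it - first - 1);
    return true;
}

int main() {
    // Constructed sample inputs covering both edges of the valid range.
    const unsigned int samples[] = {0, 1, 6, 24577, 32768, 32769};
    for (unsigned int d : samples) {
        unsigned int code = 0;
        bool ok = CheckedDistanceCode(d, code);
        std::printf("distance=%u unchecked=%u checked=%s", d,
                    UncheckedDistanceCode(d), ok ? "ok" : "rejected");
        if (ok)
            std::printf(" code=%u", code);
        std::printf("\n");
    }
    return 0;
}
```
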