fix: fixed potential overflow when compressing integer #2631
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sssooonnnggg
changed the title
|
Filed as internal issue #USD-8634 |
|
Nice catch, thanks! |
|
@gitamohr Hi, can this PR be merged? We are currently using a custom repo with the fix, and cannot use the upstream code.😄 |
|
It has been committed internally to Pixar, and should be flowing out to
GitHub dev branch shortly!
…On Tue, Mar 12, 2024 at 4:20 AM Song ***@***.***> wrote:
@gitamohr <https://github.com/gitamohr> Hi, can this PR be merged? We are
currently using a custom repo with the fix, and cannot use the upstream
code.😄
—
Reply to this email directly, view it on GitHub
<#2631 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABPOU2FRIJMJNNE6WSA7GH3YX3QHLAVCNFSM6AAAAAA4CVBRRWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSOJRGQYTGNBQHA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of Change(s)
When compressing integer, capacity passed to LZ4 is incorrect, because we already passed
compressed + 1as output ptr, the capacity parameter should beLZ4_compressBoundinstead ofLZ4_compressBound + 1.FYI, the caller in
crateFile.cpponly allocate a buffer withcompressBound + 1size :Then inside the callee, we passed LZ4 an incorrect capacity larger than actual, which causes undefined behaviour when serializing usdc files
Fixes Issue(s)