[PATCH] erofs-utils: lib: fix s->pos_in >= s->inlen case in kite_deflate_slow()

Wed, 01 Oct 2025 17:38:16 -0700 

Do not clear `s->prev_valid` if kite_deflate_tally() doesn't fit.

Reproducible input (base64-encoded gzipped blob):

H4sICJKM22gCA3R4AJyUR67cMAyG9zlFLqBRelunJ3cQVGibeLJkiNS00wd2ejwPILOb8n9i
/zFaaK3Uw/TQdmoWS8w9gfU0mxEKtJ8CEzzBYXrwl4o4RbM0SDAcpje7/7Dufj2/euFePDMZ
Sz+bsXQbkMlmDNFM4BM0Q+wb77gBPPcGdO8fhnGGF8+EAU+1JcIrCOXr2zI5XcjGBANJK69l
NKn2kAWPbwG4B1JIzR89yRjsGONe/fjpn2NLMGgR30ZpKy8LkEaLV7l+WwHN49a5YankWAnN
gdgzrJw62Itnauz9p6/vVIgaIG49sj5QrPUOwWF1Qy+RsRZ5MzeHcBlnoX7I1XNRiU2s81yL
JqFbRpYxSI3FIw/Zj6TQr6vUSeQt+vOxMdd451jPYFJS6/npEWiqhSlssNzYAigJvXTQoBcX
IGnfw4WBTn4Ryvtaj8EEhZEvsjUgyBBlbduJRXaAIwGrfWqHKaxnXYWjz/+L0gJRyC48NfBJ
dUobYWjyDZLZkcJgxrc4CTnPdcboTpjAxdoLQxORv5oyd4azDmmn9e53jM+5Ri9+anVLEwjW
YnXQ5tk3/LdhGVV7seabQb2+e+zPFL57+uFgYy0DbglBqwO5f78nCH0U2jnOsFNCa6UKU7+t
3UTSdzzN90i/DbkTgFBBuJsAUgYAYaNhPVkMAAA=

Test command line: ./kite-deflate foo 512 9

Signed-off-by: Gao Xiang <hsiang...@linux.alibaba.com>
---
 lib/kite_deflate.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/lib/kite_deflate.c b/lib/kite_deflate.c
index 1b273a4..f9eb3fb 100644
--- a/lib/kite_deflate.c
+++ b/lib/kite_deflate.c
@@ -1111,7 +1111,7 @@ nomatch:
 static bool kite_deflate_slow(struct kite_deflate *s)
 {
        struct kite_matchfinder *mf = s->mf;
-       bool flush = false;
+       bool flush = false, eos = false;
 
        kite_deflate_startblock(s);
        while (1) {
@@ -1163,20 +1163,20 @@ static bool kite_deflate_slow(struct kite_deflate *s)
                        s->prev_longest = matches;
                }
 
-               s->lastblock |= (s->pos_in >= s->inlen);
-               if (s->pos_in >= s->inlen) {
+               eos = (s->pos_in >= s->inlen);
+               if (eos || s->symbols >= s->max_symbols) {
+                       s->lastblock |= eos;
                        flush = true;
                        break;
                }
-               if (s->symbols >= s->max_symbols) {
-                       kite_deflate_endblock(s);
-                       break;
-               }
        }
 
-       if (flush && s->prev_valid) {
-               (void)kite_deflate_tally(s, mf->matches + s->prev_longest);
-               s->prev_valid = false;
+       if (flush) {
+               if (eos && s->prev_valid) {
+                       if (!kite_deflate_tally(s, mf->matches + 
s->prev_longest))
+                               s->prev_valid = false;
+               }
+               kite_deflate_endblock(s);
        }
        return kite_deflate_commitblock(s);
 }
-- 
2.43.5

Reply via email to