From: Lasse Collin <lasse.col...@tukaani.org>

s->dict.allocated was initialized to 0 but never set after a successful allocation, thus the code always thought that the dictionary buffer has to be reallocated.

Link: http://lkml.kernel.org/r/20191104185107.3b633...@tukaani.org Reported-by: Yu Sun <yus...@cisco.com> Signed-off-by: Lasse Collin <lasse.col...@tukaani.org> Acked-by: Daniel Walker <danie...@cisco.com> [Linux commit: 8e20ba2e53fc6198cbfbcc700e9f884157052a8d] Signed-off-by: Jan Beulich <jbeul...@suse.com> --- a/xen/common/xz/dec_lzma2.c +++ b/xen/common/xz/dec_lzma2.c @@ -1146,6 +1146,7 @@ XZ_EXTERN enum xz_ret __init xz_dec_lzma if (DEC_IS_DYNALLOC(s->dict.mode)) { if (s->dict.allocated < s->dict.size) { + s->dict.allocated = s->dict.size; large_free(s->dict.buf); s->dict.buf = large_malloc(s->dict.size); if (s->dict.buf == NULL) {
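
Review bot: the added `s->dict.allocated = s->dict.size;` runs before `large_malloc(s->dict.size)`, so the bookkeeping is updated before the allocation is known to have succeeded, while the commit message speaks of setting it after a successful allocation. The body of the `if (s->dict.buf == NULL) {` branch is cut off in the visible context, so please confirm that it resets `s->dict.allocated` to 0 before returning. If it does not, a later reset with the same or a smaller `s->dict.size` would fail the `s->dict.allocated < s->dict.size` test, skip the reallocation and continue with a NULL `s->dict.buf`. Moving the assignment to after the NULL check would make the invariant (allocated is nonzero only when buf is valid) hold without relying on the error path. A one-line comment stating that invariant next to the assignment would also help readers of this port.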