Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Invalid memory access in lz5 v2.0(lz5_compress) #18

Kingkingyoung opened this issue Sep 7, 2018 · 1 comment


None yet
2 participants
Copy link

commented Sep 7, 2018


I found a invalid memory access in LZ5 v2.0.

Please confirm.


OS: ubuntu-14.04-64bit
version: Lz5 2.0
POC Download: invalid memory access
test code: examples/blockStreaming_lineByLine.c,compile with ASan.


==181087==ERROR: AddressSanitizer: SEGV on unknown address 0x7f920ce206be (pc 0x7f914d4092c0 bp 0x7ffeaa32fd10 sp 0x7ffeaa32f4b8 T0)
==181087==The signal is caused by a READ memory access.
    #0 0x7f914d4092bf  /build/eglibc-ripdx6/eglibc-2.19/string/../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:2714
    #1 0x4b9852 in __asan_memcpy /local/mnt/workspace/clang_nightly/plain/llvm/utils/release/final/llvm.src/projects/compiler-rt/lib/asan/
    #2 0x5eea7f in MEM_read32 /home/yangq/testapp/lizard-2.0/examples/../lib/entropy/mem.h:173:14
    #3 0x52350e in LZ5_compress_fastSmall /home/yangq/testapp/lizard-2.0/examples/../lib/lz5_parser_fastsmall.h:94:25
    #4 0x52350e in LZ5_compress_generic /home/yangq/testapp/lizard-2.0/examples/../lib/lz5_compress.c:513
    #5 0x52350e in LZ5_compress_continue /home/yangq/testapp/lizard-2.0/examples/../lib/lz5_compress.c:586
    #6 0x5f0cad in test_compress /home/yangq/testapp/lizard-2.0/examples/blockStreaming_lineByLine.c:67:34
    #7 0x5f098b in main /home/yangq/testapp/lizard-2.0/examples/blockStreaming_lineByLine.c:177:9
    #8 0x7f914d2d4f44 in __libc_start_main /build/eglibc-ripdx6/eglibc-2.19/csu/libc-start.c:287
    #9 0x419eeb in _start (/home/yangq/testapp/lizard-2.0/examples/lineCompress_asan+0x419eeb)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /build/eglibc-ripdx6/eglibc-2.19/string/../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:2714 

It seems 'match' or 'base' (lz5_parse_fastsmall.h:90) access invalid memory in some cases.
It may cause a crash or denial of service.

@Kingkingyoung Kingkingyoung changed the title NULL pointer dereference in lz5 v2.0(lz5_compress) Invalid memory access in lz5 v2.0(lz5_compress) Sep 13, 2018


This comment has been minimized.

Copy link

commented Oct 4, 2018

Thanks for reporting. I tried to reproduce your issue with the latest Lizard 1.0 at 02491c7.
I used gcc-8 with UBSan and ASan and it found no issues.

Please try the latest commit. If you will find an issue please also report your gcc/clang version and used parameters. My options were: gcc-8 -O2 -g -fsanitize=undefined -fsanitize=address -std=gnu99 -Wall -Wextra -Wundef -Wshadow -Wcast-align -Wstrict-prototypes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.