LZ4_decompress_safe_partial is broken in 1.9.2 #783
Comments
Thanks for the notification @jfkthame.
Any chance of this being investigated soon? It's currently blocking us from updating to 1.9.2, but I don't understand the LZ4 code well enough to feel confident attempting a local patch to work around the problem.
I'm sorry, my availability is very limited these days.
In partial decompression (lz4.c line 1942), the number of remaining characters will be checked, but I don't think it should be used differently
This bugfix is very important for me. Can you tell me when we can have an official version with this fix included? |
Hi Yann, could you kindly consider a direct fix? Thanks!
It's definitely on my todo list. |
Thanks, is there some way the "community" could help?
I plan to spend some time on it. In the meantime, if your need is more urgent, I can only suggest applying a fix locally.
I've spent a bit of time on this issue, and may have a better understanding now.
OK, so this part is important. The use case described is entirely different. Here, the objective is to decompress the full block, but the quirk is that, instead of providing the exact compressed size, only an upper bound is known. The thing is, this capability was never part of the contract: the function expects the exact size, not an upper bound.

Now, it may have nonetheless worked as OP intended up to v1.9.1. It doesn't mean it's the end; it just explains why this property "regressed": nowhere was it tested, since it was not part of the contract. Now, if we want to add this property to the contract, it requires proper testing, and there might be surprises along the road. So this is still under investigation. My hope is that it can be achieved without introducing performance degradation, but that may require being creative in the way new constraints and associated runtime tests are added right into the hot decoding function.
fails currently, for investigation of #783
I'm currently wondering if it's a good idea to expose a function in charge of both objectives:

In the first scenario, it's also allowed to request a decompressed size which is larger than the full block. In the second scenario, since the input size is larger than the actual compressed block size, [...]. Effectively, one of the 2 values, either the compressed size or the decompressed size, must be exact.

It also strikes me that the intended scenario seems so close to what [...]. A minor advantage is that [...]. Another difference is that it expects to decompress a full block, in contrast with [...].

Anyway, that's the major takeaway of this post: [...]
Hi Cyan,
Yeah, but there exists a third scenario: decompress a partial decompressed size [...]. Yeah, for the first two scenarios, if these need more checks, I think they need [...]. From the perspective of complexity, I'm curious if introducing two internal decode [...].

Thanks,
That's a good datapoint, @hsiangkao. I'll make sure this capability is delivered in some way within the next release.
This issue is likely fixed by #910 .
This capability used to exist in earlier versions of [...]. While this patch kind of restores a capability that was present by accident, [...]
Thanks so much for looking into this; I'm hoping to test it shortly to confirm that it solves the issues we were seeing.
I'm seeing what I believe is incorrect behavior from `LZ4_decompress_safe_partial` in the latest release.

Specifically, in our use case we have a buffer of compressed data that may have a few bytes of padding at the end. We know the expected uncompressed size, but only the rounded-up (possibly padded) size of the compressed data. Therefore, we've been using `LZ4_decompress_safe_partial` to decompress, because it would ignore residual input once it has decompressed the expected `targetOutputSize` bytes (unlike `LZ4_decompress_safe`, which expects that "compressedSize : is the exact complete size of the compressed block").

With the update from 1.9.1 to 1.9.2, however, the behavior of `LZ4_decompress_safe_partial` has changed, and it now returns an error if there are a small number of extra bytes at the end of the source. It works as expected if there's a lot of extra data; in that case, it stops successfully after decompressing the requested `targetOutputSize`. But when there are around 1-7 extra bytes -- exactly the sort of case that's likely to arise if we're working with a padded block -- it fails. I don't think this is expected behavior for this function.

See the attached test file, which compares the behavior of `LZ4_decompress_safe` and `LZ4_decompress_safe_partial` when the given length of the source is slightly wrong. As expected, both fail if the source is truncated, and `LZ4_decompress_safe` also fails if the given `compressedSize` is too large. `LZ4_decompress_safe_partial`, however, fails for values of `srcSize` that are just slightly larger than needed (1-7 bytes), and then starts succeeding again for values that are substantially larger:

decompress-partial-test.c.txt