Merge pull request #242 from yusmer96-maker/yusmer96-maker-patch-1
Implement overflow check in MaxCompressedLength function
diff --git a/snappy.cc b/snappy.cc
index ab61792..9826151 100644
--- a/snappy.cc
+++ b/snappy.cc
@@ -74,6 +74,7 @@
#include <cstdint>
#include <cstdio>
#include <cstring>
+#include <limits>
#include <memory>
#include <string>
#include <utility>
@@ -194,6 +195,11 @@
} // namespace
size_t MaxCompressedLength(size_t source_bytes) {
+ // Avoid integer overflow that could cause undersized buffer allocations.
+ // Return std::numeric_limits<size_t>::max() to force a controlled allocation failure.
+ if (source_bytes > (std::numeric_limits<size_t>::max() - 32) / 7 * 6) {
+ return std::numeric_limits<size_t>::max();
+ }
// Compressed data can be defined as:
// compressed := item* literal*
// item := literal* copy
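Review bot: The `std::numeric_limits<size_t>::max()` return in the new guard is an in-band sentinel that the hunk documents only inside the function body, and nothing stops a caller from doing arithmetic on it: a caller that adds to the result (a header length, padding) before allocating would wrap back to a small size, which is the undersized-buffer condition this check is meant to prevent. The callers are not visible here, so they need an audit, and the contract should be stated where the function is declared, e.g. `// Returns std::numeric_limits<size_t>::max() if the bound does not fit in size_t; treat that value as failure and never add to it.` The threshold `(max - 32) / 7 * 6` is also unexplained; it presumably mirrors the function's return expression, which lies outside the hunk, so a one-line comment tying 32, 7 and 6 to that formula would keep the two from drifting apart. A unit test at the boundary value and at boundary + 1 would pin the behaviour, which matters most on 32-bit builds where such sizes are reachable.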