pgsql: Improve pglz_decompress's defenses against corrupt compressed da

From Tom Lane
Subject pgsql: Improve pglz_decompress's defenses against corrupt compressed da
Date
Msg-id E1qtH8Y-001FTG-LU@gemulon.postgresql.org
List pgsql-committers
Improve pglz_decompress's defenses against corrupt compressed data.

When processing a match tag, check to see if the claimed "off"
is more than the distance back to the output buffer start.
If it is, then the data is corrupt, and what's more we would
fetch from outside the buffer boundaries and potentially incur
a SIGSEGV.  (Although the odds of that seem relatively low, given
that "off" can't be more than 4K.)

Back-patch to v13; before that, this function wasn't really
trying to protect against bad data.

Report and fix by Flavien Guedez.

Discussion: https://postgr.es/m/01fc0593-e31e-463d-902c-dd43174acee2@oopacity.net

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/9b103f861ea9d74c4c43e80c5c5dfcdc1e61f4a2

Modified Files
--------------
src/common/pg_lzcompress.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
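
The match-tag check described in the commit message, as an added example (not PostgreSQL's code and not the committed patch). It assumes a simplified pglz-style stream with a control byte followed by literals or 2-byte tags, omits the extended-length byte, and uses the hypothetical name `lz_decode`; the sample inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified pglz-style decoder (illustrative assumption, not pg_lzcompress.c).
 * Control bit 0 = one literal byte; 1 = 2-byte match tag with
 * len = (b0 & 0x0f) + 3 and off = ((b0 & 0xf0) << 4) | b1.
 * Returns bytes written, or -1 if the input is corrupt. */
int lz_decode(const uint8_t *src, size_t slen, uint8_t *dest, size_t dcap)
{
    const uint8_t *sp = src, *srcend = src + slen;
    uint8_t *dp = dest, *destend = dest + dcap;

    while (sp < srcend && dp < destend) {
        uint8_t ctrl = *sp++;
        for (int bit = 0; bit < 8 && sp < srcend && dp < destend; bit++, ctrl >>= 1) {
            if (!(ctrl & 1)) {              /* literal byte */
                *dp++ = *sp++;
                continue;
            }
            if (srcend - sp < 2)            /* truncated tag */
                return -1;
            size_t len = (sp[0] & 0x0f) + 3;
            size_t off = ((size_t)(sp[0] & 0xf0) << 4) | sp[1];
            sp += 2;
            /* A match may not reach back past the start of the output
             * buffer; off == 0 refers to no earlier byte at all. */
            if (off == 0 || off > (size_t)(dp - dest))
                return -1;
            if (len > (size_t)(destend - dp))
                len = (size_t)(destend - dp);
            for (size_t i = 0; i < len; i++, dp++)
                *dp = *(dp - off);          /* byte-wise: ranges may overlap */
        }
    }
    return (int)(dp - dest);
}

/* Constructed inputs: two literals "ab", then a tag with len 4 and off 2 or 3. */
static const uint8_t good[] = {0x04, 'a', 'b', 0x01, 0x02};
static const uint8_t bad[]  = {0x04, 'a', 'b', 0x01, 0x03};
static uint8_t out[16];

int main(void)
{
    printf("valid:   %d\n", lz_decode(good, sizeof good, out, sizeof out));
    printf("corrupt: %d\n", lz_decode(bad, sizeof bad, out, sizeof out));
    return 0;
}
```

Without the `off > dp - dest` comparison, the second input would make the copy loop read one byte before `out`.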

