lz4: Cherrypick fix for CVE-2021-3520

There should be no risk of us accidentally hitting this since we'd need maliciously malformed data to wind up in the pipeline, or a very unfortunate random bit flip at exactly the right moment. Still since we can handle it we should. Reviewed-by: Igor Kozhukhov <[email protected]> Reviewed-by: George Melikov <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: Adam Moss <[email protected]> Signed-off-by: Rich Ercolani <[email protected]> Closes #12947
author: Rich Ercolani <[email protected]> 2022-01-12 19:14:36 -0500
committer: GitHub <[email protected]> 2022-01-12 16:14:36 -0800
commit: 63f4bfd6ac486fc585c1df8f063586d26487bec6 (patch)
tree: 4ec2129faaf3fe4599c24f0eea3d509d65698619 /module/zfs/lz4.c
parent: d6c1bbdd651654df781f5e5b67c31cb742c9c773 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/module/zfs/lz4.c b/module/zfs/lz4.c
index 800635b34..75a31bf17 100644
--- a/module/zfs/lz4.c
+++ b/module/zfs/lz4.c
@@ -541,7 +541,7 @@ LZ4_decompress_generic(
                  const size_t dictSize         /* note : = 0 if noDict */
                  )
 {
-    if (src == NULL) { return -1; }
+    if ((src == NULL) || (outputSize < 0)) { return -1; }
 
     {   const BYTE* ip = (const BYTE*) src;
         const BYTE* const iend = ip + srcSize;
author	Rich Ercolani <[email protected]>	2022-01-12 19:14:36 -0500
committer	GitHub <[email protected]>	2022-01-12 16:14:36 -0800
commit	63f4bfd6ac486fc585c1df8f063586d26487bec6 (patch)
tree	4ec2129faaf3fe4599c24f0eea3d509d65698619 /module/zfs/lz4.c
parent	d6c1bbdd651654df781f5e5b67c31cb742c9c773 (diff)