[PATCH] erofs-utils: lib: fix s->pos_in >= s->inlen case in kite_deflate_slow()

Gao Xiang hsiangkao at linux.alibaba.com
Thu Oct 2 10:37:50 AEST 2025


Do not clear `s->prev_valid` if kite_deflate_tally() doesn't fit.

Reproducible input (base64-encoded gzipped blob):
[blob not preserved in this copy of the message]

Test command line: ./kite-deflate foo 512 9

Signed-off-by: Gao Xiang <hsiangkao at linux.alibaba.com>
---
 lib/kite_deflate.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/lib/kite_deflate.c b/lib/kite_deflate.c
index 1b273a4..f9eb3fb 100644
--- a/lib/kite_deflate.c
+++ b/lib/kite_deflate.c
@@ -1111,7 +1111,7 @@ nomatch:
 static bool kite_deflate_slow(struct kite_deflate *s)
 {
 	struct kite_matchfinder *mf = s->mf;
-	bool flush = false;
+	bool flush = false, eos = false;
 
 	kite_deflate_startblock(s);
 	while (1) {
@@ -1163,20 +1163,20 @@ static bool kite_deflate_slow(struct kite_deflate *s)
 			s->prev_longest = matches;
 		}
 
-		s->lastblock |= (s->pos_in >= s->inlen);
-		if (s->pos_in >= s->inlen) {
+		eos = (s->pos_in >= s->inlen);
+		if (eos || s->symbols >= s->max_symbols) {
+			s->lastblock |= eos;
 			flush = true;
 			break;
 		}
-		if (s->symbols >= s->max_symbols) {
-			kite_deflate_endblock(s);
-			break;
-		}
 	}
 
-	if (flush && s->prev_valid) {
-		(void)kite_deflate_tally(s, mf->matches + s->prev_longest);
-		s->prev_valid = false;
+	if (flush) {
+		if (eos && s->prev_valid) {
+			if (!kite_deflate_tally(s, mf->matches + s->prev_longest))
+				s->prev_valid = false;
+		}
+		kite_deflate_endblock(s);
 	}
 	return kite_deflate_commitblock(s);
 }
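Review bot: `s->lastblock |= eos` is set inside the loop before the pending match is tallied, so when `kite_deflate_tally()` reports that the symbol does not fit and `s->prev_valid` is kept, the block is still ended and committed with `lastblock` already set. Whether the carried-over symbol is emitted afterwards depends on `kite_deflate_tally()`, `kite_deflate_commitblock()` and the caller, which are outside this hunk (as is the middle of `kite_deflate_slow()`); if none of them clears `lastblock`, the stream would be closed one symbol short. If that is not already handled, setting the flag only once the tally went through, `if (eos && !s->prev_valid) s->lastblock = true;` placed after the tally, would keep the invariant local to this function. A comment above the tally such as `/* true: pending symbol did not fit, keep prev_valid so it is carried into the next block */` would also document the return convention, which the old code discarded with `(void)`. Since the message ships a reproducer, adding it as a regression test would guard this end-of-stream path.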
-- 
2.43.5


