Two out of bounds reads in Zstandard / zstd
Zstandard, or zstd for short, is a new compression algorithm and tool developed by Yann Collet. Fuzzing zstd with american fuzzy lop and AddressSanitizer uncovered two out of bounds reads.
Heap out of bounds read in function ZSTD_copy8:
Input sample
Upstream bug report
Git commit / fix
Stack out of bounds read in function HUF_readStats:
Input sample
Upstream bug report
Git commit / fix
The new zstd version 0.2.1 fixes both issues.