[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support

To: "Ian Campbell" <Ian.Campbell@xxxxxxxxxx>, "Yann Collet" <yann.collet.73@xxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 25 Sep 2013 09:36:53 +0100
Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Delivery-date: Wed, 25 Sep 2013 08:36:48 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 25.09.13 at 10:06, Yann Collet <yann.collet.73@xxxxxxxxx> wrote:
> There are 2 families of decoding functions within LZ4 :
> 
> 1) LZ4_decompress_fast* : These decoding functions must be used with
> trusted sources only. They only guarantee that they will write exactly the
> size of output buffer, but cannot guarantee anything regarding input
> buffer, since its size is unknown. (by the way, the amount of bytes read
> into input buffer is the result of the function).
> 
> 2) LZ4_decompress_safe* : These decoding functions are protected against
> malicious input. It resists fuzzer attack. This is the recommended choice
> for "general decompression usage".
> 
> Looking at the kernel code, at
> https://github.com/torvalds/linux/blob/master/lib/lz4/lz4_decompress.c 
> the naming seems different, but both variants are still there :
> 
> lz4_decompress is the equivalent of LZ4_decompress_fast.
> lz4_decompress_unknownoutputsize is the equivalent of LZ4_decompress_safe.
> 
> I would recommend to use the second one for untrusted sources.

Ah, okay. Will re-do the DomU patch then.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH 0/2] add LZ4 kernel decompression support
  - From: Jan Beulich
- [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH 2/2] libxc: add LZ4 decompression support
  - From: Jan Beulich
- [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
  - From: Yann Collet
- Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
  - From: Yann Collet

Prev by Date: Re: [Xen-devel] [DRAFT] Coverity Access Policy
Next by Date: Re: [Xen-devel] Problems when creating domU on OMAP5
Previous by thread: Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
Next by thread: Re: [Xen-devel] [PATCH v2] libxc: add LZ4 decompression support
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.