Fix a read-past-end in the LZ4 code.

author Steinar H. Gunderson <steinar+ddr@gunderson.no>

Thu, 26 Dec 2019 13:01:58 +0000 (14:01 +0100)

committer Steinar H. Gunderson <steinar+ddr@gunderson.no>

Thu, 26 Dec 2019 13:40:28 +0000 (14:40 +0100)
author Steinar H. Gunderson <steinar+ddr@gunderson.no>
Thu, 26 Dec 2019 13:01:58 +0000 (14:01 +0100)
committer Steinar H. Gunderson <steinar+ddr@gunderson.no>
Thu, 26 Dec 2019 13:40:28 +0000 (14:40 +0100)
diff --git a/patches/lz4 b/patches/lz4

index 3013251d7c2e508ba6beb559c9ed31aa383f64c6..5ba8f7608f5a911904c611689a0e1c7ee7ff7d72 100644 (file)
--- a/patches/lz4
+++ b/patches/lz4
@@ -42,11 +42,11 @@ apply "8002faac:                    \
         addiu a1, a1, 1 ;               \  # (delay slot) Increment output.
         beq a0, s0, done ;              \  # If we're at the end of the input, skip directly to the end
   parse_match:                          \
-       lbu s1, 1(a0) ;                 \  # (delay slot) Load high byte of offset.
-       lbu s2, (a0) ;                  \  # (delay slot) Load low byte of offset.
+       addiu a0, a0, 2 ;               \  # (delay slot)
+       lbu s1, -1(a0) ;                \  # Load high byte of offset.
+       lbu s2, -2(a0) ;                \  # (delay slot) Load low byte of offset.
         sll s1, s1, 8 ;                 \  # (delay slot) Shift high byte into place.
         or s2, s2, s1 ;                 \  # Combine the two halves.
-       addiu a0, a0, 2 ;               \
         subu s2, a1, s2 ;               \  # Find position to copy from.
         addiu s3, s4, -15 ;             \  # If match length != 15, no more match bytes
         addu s4, s4, s2 ;               \  # Find end of match input.
author	Steinar H. Gunderson <steinar+ddr@gunderson.no>
	Thu, 26 Dec 2019 13:01:58 +0000 (14:01 +0100)
committer	Steinar H. Gunderson <steinar+ddr@gunderson.no>
	Thu, 26 Dec 2019 13:40:28 +0000 (14:40 +0100)