Author :
Tomas Hoger
Date :
2011-09-11 09:08:40
Hash :86c3c69c Message :Protect against loops in the prefix table.
LZW decompressor did not sufficiently check codes read from the
input LZW stream. A specially-crafted or corrupted input could
create a loop in the prefix table, which leads to memory usage
spikes, as there's no decompression stack size limit.
* src/lzw/ftzopen.c (ft_lzwstate_io) <FT_LZW_PHASE_START>: First
code in valid LZW stream must be 0..255.
<FT_LZW_PHASE_CODE>: In the special KwKwK case, code == free_ent,
code > free_ent is invalid.
Tomas Hoger