lz4_CVE-2025-62813_null_pointer_check.patch

commit 93137e9042bd72b5158eae6175a0c4f2f67bd176
Author: Thomas Renninger <trenn@suse.de>
Date:   Wed Oct 29 10:51:52 2025 +0100

    Fix CVE-2025-62813
    
    This is a backport of lz4 mainline commit:
    f64efec011c058bd70348576438abac222fe6c82
    
    Which security people identified as a security vulnerability:
    http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-62813
    https://www.cve.org/CVERecord?id=CVE-2025-62813
    https://github.com/lz4/lz4/commit/f64efec011c058bd70348576438abac222fe6c82

diff --git a/util/cbfstool/lz4/lib/lz4frame.c b/util/cbfstool/lz4/lib/lz4frame.c
index aef508d8df..15673d4ca6 100644
--- a/util/cbfstool/lz4/lib/lz4frame.c
+++ b/util/cbfstool/lz4/lib/lz4frame.c
@@ -64,6 +64,7 @@ You can contact the author at :
 #include "lz4hc.h"
 #include "xxhash.h"
 
+#include <assert.h>
 
 /**************************************
 *  Basic Types
@@ -930,6 +931,10 @@ LZ4F_errorCode_t LZ4F_getFrameInfo(LZ4F_decompressionContext_t dCtx, LZ4F_frameI
 {
     LZ4F_dctx_t* dctxPtr = (LZ4F_dctx_t*)dCtx;
 
+    assert(dCtx != NULL);
+    if (frameInfoPtr == NULL || srcSizePtr == NULL)
+	    return (size_t)-LZ4F_ERROR_srcPtr_wrong;
+
     if (dctxPtr->dStage > dstage_storeHeader)   /* note : requires dstage_* header related to be at beginning of enum */
     {
         size_t o=0, i=0;
- Fix bsc#1252626, CVE-2025-62813 A lz4_CVE-2025-62813_null_pointer_check.patch OBS-URL: https://build.opensuse.org/package/show/hardware/coreboot-utils?expand=0&rev=52 2025-10-29 12:21:27 +00:00			`commit 93137e9042bd72b5158eae6175a0c4f2f67bd176`
			`Author: Thomas Renninger <trenn@suse.de>`
			`Date: Wed Oct 29 10:51:52 2025 +0100`

			`Fix CVE-2025-62813`

			`This is a backport of lz4 mainline commit:`
			`f64efec011c058bd70348576438abac222fe6c82`

			`Which security people identified as a security vulnerability:`
			`http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-62813`
			`https://www.cve.org/CVERecord?id=CVE-2025-62813`
			`https://github.com/lz4/lz4/commit/f64efec011c058bd70348576438abac222fe6c82`

			`diff --git a/util/cbfstool/lz4/lib/lz4frame.c b/util/cbfstool/lz4/lib/lz4frame.c`
			`index aef508d8df..15673d4ca6 100644`
			`--- a/util/cbfstool/lz4/lib/lz4frame.c`
			`+++ b/util/cbfstool/lz4/lib/lz4frame.c`
			`@@ -64,6 +64,7 @@ You can contact the author at :`
			`#include "lz4hc.h"`
			`#include "xxhash.h"`

			`+#include <assert.h>`

			`/**************************************`
			`* Basic Types`
			`@@ -930,6 +931,10 @@ LZ4F_errorCode_t LZ4F_getFrameInfo(LZ4F_decompressionContext_t dCtx, LZ4F_frameI`
			`{`
			`LZ4F_dctx_t* dctxPtr = (LZ4F_dctx_t*)dCtx;`

			`+ assert(dCtx != NULL);`
			`+ if (frameInfoPtr == NULL \|\| srcSizePtr == NULL)`
			`+ return (size_t)-LZ4F_ERROR_srcPtr_wrong;`
			`+`
			`if (dctxPtr->dStage > dstage_storeHeader) /* note : requires dstage_* header related to be at beginning of enum */`
			`{`
			`size_t o=0, i=0;`