Summary
In src/flb_snappy.c, the function flb_snappy_uncompress_framed_data validates out_data and out_len for NULL after the raw/block snappy fallback path. This means a caller passing NULL output pointers will be forwarded to flb_snappy_uncompress (which will likely crash or behave incorrectly) rather than receiving a clean -1 return.
The validation of out_data and out_len should be moved before the framed-format detection conditional so that both the raw fallback path and the framed path benefit from the guard.
Suggested fix
Move the out_data/out_len NULL checks and the output pointer initialization (*out_data = NULL, *out_len = 0) to the very top of the function, before the 10-byte stream identifier check.
Context
References
Summary
In
src/flb_snappy.c, the functionflb_snappy_uncompress_framed_datavalidatesout_dataandout_lenforNULLafter the raw/block snappy fallback path. This means a caller passingNULLoutput pointers will be forwarded toflb_snappy_uncompress(which will likely crash or behave incorrectly) rather than receiving a clean-1return.The validation of
out_dataandout_lenshould be moved before the framed-format detection conditional so that both the raw fallback path and the framed path benefit from the guard.Suggested fix
Move the
out_data/out_lenNULL checks and the output pointer initialization (*out_data = NULL,*out_len = 0) to the very top of the function, before the 10-byte stream identifier check.Context
References