CVE-2023-34453

snappy-java is a fast compressor/decompressor for Java. Due to unchecked
multiplications, an integer overflow may occur in versions prior to
1.1.10.1, causing a fatal error. The function shuffle(int[] input) in the
file BitShuffle.java receives an array of integers and applies a bit
shuffle on it. It does so by multiplying the length by 4 and passing it to
the natively compiled shuffle function. Since the length is not tested, the
multiplication by four can cause an integer overflow and become a smaller
value than the true size, or even zero or negative. In the case of a
negative value, a java.lang.NegativeArraySizeException exception will
raise, which can crash the program. In a case of a value that is zero or
too small, the code that afterwards references the shuffled array will
assume a bigger size of the array, which might cause exceptions such as
java.lang.ArrayIndexOutOfBoundsException. The same issue exists also when
using the shuffle functions that receive a double, float, long and short,
each using a different multiplier that may cause the same issue. Version
1.1.10.1 contains a patch for this vulnerability.