[Bug 2689] New: unlzma loops

Fri Oct 8 21:06:36 UTC 2010

https://bugs.busybox.net/show_bug.cgi?id=2689

           Summary: unlzma loops
           Product: Busybox
           Version: unspecified
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: Other
        AssignedTo: unassigned at busybox.net
        ReportedBy: dborca at yahoo.com
                CC: busybox-cvs at busybox.net
   Estimated Hours: 0.0

Hi,

I just noticed that there's a wierd condition in a nested loop inside
decompress_unlzma.c.  To be more precise, the lzma main decoding looks like
this:

while (global_pos + buffer_pos < header.dst_size) {
  ...
  do {
    ...
  } while (len != 0 && buffer_pos < header.dst_size);
}

I'm interested in the do { } while condition (busybox-1.17.2.tar.bz2,
archival/libunarchive/decompress_unlzma.c, around line 449).  That code
is in busybox since the beginning of time.

buffer_pos is guaranteed to be inside [0 .. header.dict_size) interval
at all times, and its comparison against header.dst_size seems meaningless.
The total number of written bytes is given by global_pos + buffer_pos;
(see main while loop).

-- 
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.