/src/xz/src/liblzma/common/vli_decoder.c

Source (jump to first uncovered line)
///////////////////////////////////////////////////////////////////////////////
//
/// \file       vli_decoder.c
/// \brief      Decodes variable-length integers
//
//  Author:     Lasse Collin
//
//  This file has been put into the public domain.
//  You can do whatever you want with this file.
//
///////////////////////////////////////////////////////////////////////////////

#include "common.h"


extern LZMA_API(lzma_ret)
lzma_vli_decode(lzma_vli *restrict vli, size_t *vli_pos,
    const uint8_t *restrict in, size_t *restrict in_pos,
    size_t in_size)
{
  // If we haven't been given vli_pos, work in single-call mode.
  size_t vli_pos_internal = 0;
  if (vli_pos == NULL) {
    vli_pos = &vli_pos_internal;
    *vli = 0;

    // If there's no input, use LZMA_DATA_ERROR. This way it is
    // easy to decode VLIs from buffers that have known size,
    // and get the correct error code in case the buffer is
    // too short.
    if (*in_pos >= in_size)
      return LZMA_DATA_ERROR;

  } else {
    // Initialize *vli when starting to decode a new integer.
    if (*vli_pos == 0)
      *vli = 0;

    // Validate the arguments.
    if (*vli_pos >= LZMA_VLI_BYTES_MAX
        || (*vli >> (*vli_pos * 7)) != 0)
      return LZMA_PROG_ERROR;;

    if (*in_pos >= in_size)
      return LZMA_BUF_ERROR;
  }

  do {
    // Read the next byte. Use a temporary variable so that we
    // can update *in_pos immediately.
    const uint8_t byte = in[*in_pos];
    ++*in_pos;

    // Add the newly read byte to *vli.
    *vli += (lzma_vli)(byte & 0x7F) << (*vli_pos * 7);
    ++*vli_pos;

    // Check if this is the last byte of a multibyte integer.
    if ((byte & 0x80) == 0) {
      // We don't allow using variable-length integers as
      // padding i.e. the encoding must use the most the
      // compact form.
      if (byte == 0x00 && *vli_pos > 1)
        return LZMA_DATA_ERROR;

      return vli_pos == &vli_pos_internal
          ? LZMA_OK : LZMA_STREAM_END;
    }

    // There is at least one more byte coming. If we have already
    // read maximum number of bytes, the integer is considered
    // corrupt.
    //
    // If we need bigger integers in future, old versions liblzma
    // will confusingly indicate the file being corrupt instead of
    // unsupported. I suppose it's still better this way, because
    // in the foreseeable future (writing this in 2008) the only
    // reason why files would appear having over 63-bit integers
    // is that the files are simply corrupt.
    if (*vli_pos == LZMA_VLI_BYTES_MAX)
      return LZMA_DATA_ERROR;

  } while (*in_pos < in_size);

  return vli_pos == &vli_pos_internal ? LZMA_DATA_ERROR : LZMA_OK;
}

Line	Count	Source (jump to first uncovered line)
1		///////////////////////////////////////////////////////////////////////////////
2		//
3		/// \file vli_decoder.c
4		/// \brief Decodes variable-length integers
5		//
6		// Author: Lasse Collin
7		//
8		// This file has been put into the public domain.
9		// You can do whatever you want with this file.
10		//
11		///////////////////////////////////////////////////////////////////////////////
12
13		#include "common.h"
14
15
16		extern LZMA_API(lzma_ret)
17		lzma_vli_decode(lzma_vli restrict vli, size_t vli_pos,
18		const uint8_t restrict in, size_t restrict in_pos,
19		size_t in_size)
20	1.19M	{
21		// If we haven't been given vli_pos, work in single-call mode.
22	1.19M	size_t vli_pos_internal = 0;
23	1.19M	if (vli_pos == NULL) {
24	1.14M	vli_pos = &vli_pos_internal;
25	1.14M	*vli = 0;
26
27		// If there's no input, use LZMA_DATA_ERROR. This way it is
28		// easy to decode VLIs from buffers that have known size,
29		// and get the correct error code in case the buffer is
30		// too short.
31	1.14M	if (*in_pos >= in_size)
32	191	return LZMA_DATA_ERROR;
33
34	1.14M	} else {
35		// Initialize *vli when starting to decode a new integer.
36	51.9k	if (*vli_pos == 0)
37	51.9k	*vli = 0;
38
39		// Validate the arguments.
40	51.9k	if (*vli_pos >= LZMA_VLI_BYTES_MAX
41	51.9k	\|\| (vli >> (vli_pos * 7)) != 0)
42	51.9k	return LZMA_PROG_ERROR;;
43
44	51.9k	if (*in_pos >= in_size)
45	0	return LZMA_BUF_ERROR;
46	51.9k	}
47
48	1.20M	do {
49		// Read the next byte. Use a temporary variable so that we
50		// can update *in_pos immediately.
51	1.20M	const uint8_t byte = in[*in_pos];
52	1.20M	++*in_pos;
53
54		// Add the newly read byte to *vli.
55	1.20M	vli += (lzma_vli)(byte & 0x7F) << (vli_pos * 7);
56	1.20M	++*vli_pos;
57
58		// Check if this is the last byte of a multibyte integer.
59	1.20M	if ((byte & 0x80) == 0) {
60		// We don't allow using variable-length integers as
61		// padding i.e. the encoding must use the most the
62		// compact form.
63	1.19M	if (byte == 0x00 && *vli_pos > 1)
64	12	return LZMA_DATA_ERROR;
65
66	1.19M	return vli_pos == &vli_pos_internal
67	1.19M	? LZMA_OK : LZMA_STREAM_END;
68	1.19M	}
69
70		// There is at least one more byte coming. If we have already
71		// read maximum number of bytes, the integer is considered
72		// corrupt.
73		//
74		// If we need bigger integers in future, old versions liblzma
75		// will confusingly indicate the file being corrupt instead of
76		// unsupported. I suppose it's still better this way, because
77		// in the foreseeable future (writing this in 2008) the only
78		// reason why files would appear having over 63-bit integers
79		// is that the files are simply corrupt.
80	6.51k	if (*vli_pos == LZMA_VLI_BYTES_MAX)
81	8	return LZMA_DATA_ERROR;
82
83	6.51k	} while (*in_pos < in_size);
84
85	97	return vli_pos == &vli_pos_internal ? LZMA_DATA_ERROR : LZMA_OK;
86	1.19M	}

Coverage Report

Created: 2023-09-25 06:56