From: Yann Collet <yann.collet.73@gmail.com>
Date: Wed, 26 Aug 2015 21:45:23 +0000 (+0100)
Subject: fixed minor issue on decoding invalid data
X-Git-Tag: v0.1.1^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=352ab88aea1ea56434c4ba6052f051627b4417b2;p=thirdparty%2Fzstd.git

fixed minor issue on decoding invalid data
---

diff --git a/lib/fse.c b/lib/fse.c
index 9221151ac..d008d30c4 100644
--- a/lib/fse.c
+++ b/lib/fse.c
@@ -1530,12 +1530,14 @@ size_t FSE_initDStream(FSE_DStream_t* bitD, const void* srcBuffer, size_t srcSiz
  */
 static size_t FSE_lookBits(FSE_DStream_t* bitD, U32 nbBits)
 {
-    return ((bitD->bitContainer << (bitD->bitsConsumed & ((sizeof(bitD->bitContainer)*8)-1))) >> 1) >> (((sizeof(bitD->bitContainer)*8)-1)-nbBits);
+    const U32 bitMask = sizeof(bitD->bitContainer)*8 - 1;
+    return ((bitD->bitContainer << (bitD->bitsConsumed & bitMask)) >> 1) >> ((bitMask-nbBits) & bitMask);
 }
 
 static size_t FSE_lookBitsFast(FSE_DStream_t* bitD, U32 nbBits)   /* only if nbBits >= 1 !! */
 {
-    return (bitD->bitContainer << (bitD->bitsConsumed & ((sizeof(bitD->bitContainer)*8)-1))) >> ((sizeof(bitD->bitContainer)*8)-nbBits);
+    const U32 bitMask = sizeof(bitD->bitContainer)*8 - 1;
+    return (bitD->bitContainer << (bitD->bitsConsumed & bitMask)) >> (-nbBits & bitMask);
 }
 
 static void FSE_skipBits(FSE_DStream_t* bitD, U32 nbBits)
diff --git a/lib/zstd.c b/lib/zstd.c
index 462b335a0..23fdff73b 100644
--- a/lib/zstd.c
+++ b/lib/zstd.c
@@ -1389,7 +1389,7 @@ static void ZSTD_decodeSequence(seq_t* seq, seqState_t* seqState)
         if (ZSTD_32bits()) FSE_reloadDStream(&(seqState->DStream));
         nbBits = offsetCode - 1;
         if (offsetCode==0) nbBits = 0;   /* cmove */
-        offset = ((size_t)1 << nbBits) + FSE_readBits(&(seqState->DStream), nbBits);
+        offset = ((size_t)1 << (nbBits & ((sizeof(offset)*8)-1))) + FSE_readBits(&(seqState->DStream), nbBits);
         if (ZSTD_32bits()) FSE_reloadDStream(&(seqState->DStream));
         if (offsetCode==0) offset = prevOffset;
     }
diff --git a/programs/fullbench.c b/programs/fullbench.c
index a7dbac3b8..3ca219979 100644
--- a/programs/fullbench.c
+++ b/programs/fullbench.c
@@ -616,7 +616,7 @@ int main(int argc, char** argv)
 
                     /* Modify Nb Iterations */
                 case 'i':
-                    if ((argument[1] >='1') && (argument[1] <='9'))
+                    if ((argument[1] >='0') && (argument[1] <='9'))
                     {
                         int iters = argument[1] - '0';
                         BMK_SetNbIterations(iters);