From: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Date: Tue, 6 Dec 2022 20:27:00 +0000 (+1300)
Subject: compression/huffman: debug function bails upon disaster (CID 1517261)
X-Git-Tag: talloc-2.4.0~199
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=44a44005a6b3222c599d4757d60af924b9cea459;p=thirdparty%2Fsamba.git

compression/huffman: debug function bails upon disaster (CID 1517261)

We shouldn't get a node with a zero code, and there's probably nothing
to do but stop.

   CID 1517261 (#1-2 of 2): Bad bit shift operation
   (BAD_SHIFT)11. negative_shift: In expression j >> offset - k,
   shifting by a negative amount has undefined behavior. The shift
   amount, offset - k, is -3.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Dec 19 23:29:04 UTC 2022 on sn-devel-184
---

diff --git a/lib/compression/lzxpress_huffman.c b/lib/compression/lzxpress_huffman.c
index e6ff4ed3b02..3eac8e3b2b6 100644
--- a/lib/compression/lzxpress_huffman.c
+++ b/lib/compression/lzxpress_huffman.c
@@ -1390,6 +1390,11 @@ static void debug_tree_codes(struct bitstream *input)
 			int k;
 			uint16_t j = q.code_code;
 			size_t offset = bitlen_nonzero_16(j) - 1;
+			if (unlikely(j == 0)) {
+				DBG("BROKEN code is 0!\n");
+				return;
+			}
+
 			for (k = 0; k <= offset; k++) {
 				bool b = (j >> (offset - k)) & 1;
 				bits[k] = b ? '1' : '0';