From: Nick Terrell Date: Fri, 27 Jan 2023 19:14:56 +0000 (-0800) Subject: Fix invalid assert in 32-bit decoding X-Git-Tag: v1.5.4^2~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b3b43f2893fa03da3b8004b449a7ec590f0e1e5b;p=thirdparty%2Fzstd.git Fix invalid assert in 32-bit decoding The assert is only correct for valid sequences, so disable it for everything execpt round trip fuzzers.
---
diff --git a/lib/decompress/zstd_decompress_block.c b/lib/decompress/zstd_decompress_block.c
index 95a5e109b..0d934043b 100644
--- a/lib/decompress/zstd_decompress_block.c
+++ b/lib/decompress/zstd_decompress_block.c
@@ -1241,7 +1241,13 @@ ZSTD_decodeSequence(seqState_t* seqState, const ZSTD_longOffset_e longOffsets)
 offset = ofBase + (BIT_readBitsFast(&seqState->DStream, ofBits - extraBits) << extraBits);
 BIT_reloadDStream(&seqState->DStream);
 if (extraBits) offset += BIT_readBitsFast(&seqState->DStream, extraBits);
+#if defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) && defined(FUZZING_ASSERT_VALID_SEQUENCE)
+ /* This assert is only valid when decoding valid sequences.
+ * It cal fail when we consume more bits than are in the bitstream,
+ * which can happen on corruption.
+ */
 assert(extraBits <= LONG_OFFSETS_MAX_EXTRA_BITS_32); /* to avoid another reload */
+#endif
 } else {
 offset = ofBase + BIT_readBitsFast(&seqState->DStream, ofBits/*>0*/); /* <= (ZSTD_WINDOWLOG_MAX-1) bits */
 if (MEM_32bits()) BIT_reloadDStream(&seqState->DStream);
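Review bot: The new comment explains why the assert can fire on corrupt input, but not why decoding stays safe once it is compiled out: in ordinary builds `BIT_readBitsFast(&seqState->DStream, extraBits)` on the line above still runs with an `extraBits` that may exceed `LONG_OFFSETS_MAX_EXTRA_BITS_32`, with no further reload. The hunk does not show where an over-consumed bitstream is detected, so I would add one sentence to the comment naming that check, e.g. `* Over-consumption is caught by <name the check here> before the sequence is executed.`, and correct the typo `cal fail` to `can fail`. The assert now compiles only when both `FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION` and `FUZZING_ASSERT_VALID_SEQUENCE` are defined, and nothing visible here defines the second macro, so it is worth confirming that a round-trip fuzz target actually sets it; otherwise the invariant is never exercised. ZSTD_decodeSequence begins and ends outside this hunk.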