File libmspack-mszipd-inflate-off-by-one.patch of Package libmspack.26620
From 3673b713d15bbd3ce564b8e313a121bad23aa362 Mon Sep 17 00:00:00 2001
From: Stuart Caie <kyzer@4u.net>
Date: Sun, 18 Jan 2015 14:38:56 +0000
Subject: [PATCH] distance codes are 0-29, not 0-30
---
libmspack/trunk/ChangeLog | 3 +++
libmspack/trunk/mspack/mszipd.c | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
#diff --git a/libmspack/trunk/ChangeLog b/libmspack/trunk/ChangeLog
#index 5374ac8..97eb31b 100644
#--- a/libmspack/trunk/ChangeLog
#+++ b/libmspack/trunk/ChangeLog
#@@ -6,6 +6,9 @@
# two blocks, leaving just 1 byte in the read buffer. Thanks to Jakub
# Wilk for finding the issue and providing a sample file.
#
#+ * inflate(): off-by-one error. Distance codes are 0-29, not 0-30.
#+ Thanks to Jakub Wilk again.
#+
# 2015-01-17 Stuart Caie <kyzer@4u.net>
#
# * GET_UTF8_CHAR(): Remove 5/6-byte encoding support and check decoded
diff --git a/libmspack/trunk/mspack/mszipd.c b/libmspack/trunk/mspack/mszipd.c
index cd85bb9..5b4756d 100644
--- a/libmspack/trunk/mspack/mszipd.c
+++ b/libmspack/trunk/mspack/mszipd.c
@@ -264,7 +264,7 @@ static int inflate(struct mszipd_stream *zip) {
length += lit_lengths[code];
READ_HUFFSYM(DISTANCE, code);
- if (code > 30) return INF_ERR_DISTCODE;
+ if (code >= 30) return INF_ERR_DISTCODE;
READ_BITS_T(distance, dist_extrabits[code]);
distance += dist_offsets[code];
--
2.4.3