Update the code to mostly match the new simpler file format

specification. Simplify things by removing most of the
support for known uncompressed size in most places.
There are some miscellaneous changes here and there too.

The API of liblzma has got many changes and still some
more will be done soon. While most of the code has been
updated, some things are not fixed (the command line tool
will choke with invalid filter chain, if nothing else).

Subblock filter is somewhat broken for now. It will be
updated once the encoded format of the Subblock filter
has been decided.

1 files changed, 38 insertions, 30 deletions

diff --git a/src/liblzma/common/vli_decoder.c b/src/liblzma/common/vli_decoder.c
index 2b89c1a7..faff6ccb 100644
--- a/src/liblzma/common/vli_decoder.c
+++ b/src/liblzma/common/vli_decoder.c
@@ -3,7 +3,7 @@
 /// \file       vli_decoder.c
 /// \brief      Decodes variable-length integers
 //
-//  Copyright (C) 2007 Lasse Collin
+//  Copyright (C) 2007-2008 Lasse Collin
 //
 //  This library is free software; you can redistribute it and/or
 //  modify it under the terms of the GNU Lesser General Public
@@ -25,45 +25,53 @@ lzma_vli_decode(lzma_vli *restrict vli, size_t *restrict vli_pos,
 		const uint8_t *restrict in, size_t *restrict in_pos,
 		size_t in_size)
 {
-	if (*vli > LZMA_VLI_VALUE_MAX || *vli_pos >= 9
-			|| (*vli >> (7 * *vli_pos)) != 0)
-		return LZMA_PROG_ERROR;
+	// If we haven't been given vli_pos, work in single-call mode.
+	size_t vli_pos_internal = 0;
+	if (vli_pos == NULL)
+		vli_pos = &vli_pos_internal;
 
-	if (*in_pos >= in_size)
-		return LZMA_BUF_ERROR;
+	// Initialize *vli when starting to decode a new integer.
+	if (*vli_pos == 0)
+		*vli = 0;
 
-	if (*vli_pos == 0) {
-		*vli_pos = 1;
+	// Validate the arguments.
+	if (*vli_pos >= LZMA_VLI_BYTES_MAX || *in_pos >= in_size
+			|| (*vli >> (*vli_pos * 7)) != 0)
+		return LZMA_PROG_ERROR;;
 
-		if (in[*in_pos] <= 0x7F) {
-			// Single-byte integer
-			*vli = in[*in_pos];
-			++*in_pos;
-			return LZMA_STREAM_END;
-		}
-
-		*vli = in[*in_pos] & 0x7F;
-		++*in_pos;
-	}
-
-	while (*in_pos < in_size) {
-		// Read in the next byte.
+	do {
+		// Read the next byte.
 		*vli |= (lzma_vli)(in[*in_pos] & 0x7F) << (*vli_pos * 7);
 		++*vli_pos;
 
 		// Check if this is the last byte of a multibyte integer.
-		if (in[*in_pos] & 0x80) {
-			++*in_pos;
-			return LZMA_STREAM_END;
+		if (!(in[*in_pos] & 0x80)) {
+			// We don't allow using variable-length integers as
+			// padding i.e. the encoding must use the most the
+			// compact form.
+			if (in[(*in_pos)++] == 0x00 && *vli_pos > 1)
+				return LZMA_DATA_ERROR;
+
+			return vli_pos == &vli_pos_internal
+					? LZMA_OK : LZMA_STREAM_END;
 		}
 
-		// Limit variable-length representation to nine bytes.
-		if (*vli_pos == 9)
+		++*in_pos;
+
+		// There is at least one more byte coming. If we have already
+		// read maximum number of bytes, the integer is considered
+		// corrupt.
+		//
+		// If we need bigger integers in future, old versions liblzma
+		// will confusingly indicate the file being corrupt istead of
+		// unsupported. I suppose it's still better this way, because
+		// in the foreseeable future (writing this in 2008) the only
+		// reason why files would appear having over 63-bit integers
+		// is that the files are simply corrupt.
+		if (*vli_pos == LZMA_VLI_BYTES_MAX)
 			return LZMA_DATA_ERROR;
 
-		// Increment input position only when the byte was accepted.
-		++*in_pos;
-	}
+	} while (*in_pos < in_size);
 
-	return LZMA_OK;
+	return vli_pos == &vli_pos_internal ? LZMA_DATA_ERROR : LZMA_OK;
 }