From 5fca0fe6cdbe90d31cce2ef17c1d76a8cfe0f921 Mon Sep 17 00:00:00 2001
From: Nick Bowler
Date: Thu, 3 May 2012 20:28:52 -0400
Subject: [PATCH] libupkg: Fix spurious success in upkg_decode_index.

Make the upkg_decode_index function fail if the input is truncated, rather than successfully returning a bogus value. As an added bonus, this actually simplifies the code.
---
 src/libupkg.c | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/src/libupkg.c b/src/libupkg.c
index 178e235..3ecce7f 100644
--- a/src/libupkg.c
+++ b/src/libupkg.c
@@ -112,10 +112,9 @@ const struct upkg_file_ops upkg_default_fops = {
 */
 size_t upkg_decode_index(long *val, unsigned char *bytes, size_t n)
 {
- size_t i = 0;
-
 *val = 0;
- while (i < MIN(n, 5)) {
+
+ for (size_t i = 0; i < MIN(n, 5); i++) {
 /*
 * Least significant bytes are first, so we need to do this
 * nonsense.
@@ -127,18 +126,14 @@ size_t upkg_decode_index(long *val, unsigned char *bytes, size_t n)
 *val += tmp;
 if (!(bytes[i] & (i == 0 ? 0x40 : 0x80))) {
- i++;
- break;
+ if (bytes[0] & 0x80)
+ *val = -*val;
+ return i+1;
 }
-
- i++;
 }
- if (i > MIN(n, 5) || n == 0)
- return 0;
- if (bytes[0] & 0x80)
- *val = -*val;
- return i;
+ /* Error */
+ return 0;
 }
 static struct upkg_priv *init_upkg(unsigned char hdr[static UPKG_HDR_SIZE])
--
2.43.0
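Review bot: The bound `MIN(n, 5)` in the new `for` loop, combined with the early return added in the second hunk, sends a full five-byte input whose last byte still has 0x80 set to the `return 0` error path; the removed code returned 5 in that case, and the commit message only mentions truncated input. If the encoding treats the fifth byte as always final, this now rejects well-formed indices. If it does not, the rejection is a reasonable hardening, but it should be stated in the comment above the function, e.g. `Returns 0 if no terminating byte is found within min(n, 5) bytes.` The literal 5 would also read better as a named constant. The function's doc comment and the per-byte masking lie outside the hunk, so the intended format cannot be confirmed from here.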
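Review bot: On the new `/* Error */` path `*val` is left holding whatever the loop accumulated from the truncated bytes, so a caller that does not test the return value for 0 still consumes a bogus index taken from what is presumably file-supplied data. Clearing the output before failing makes the failure unambiguous: add `*val = 0;` directly before `return 0;`. The comment could also say what failed, e.g. `/* No terminating byte within the available input. */`. Separately, `*val = -*val;` and the accumulation before it operate on a signed `long`; the shift arithmetic is outside the hunk, so whether a five-byte value can overflow a 32-bit `long` should be checked there.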