Gitiles
Code Review Sign In
gerrit.osmocom.org / osmo-pcu / 2d24eba903db365336dce56c29d6fbacf3b88112^! / . / src / egprs_rlc_compression.cpp
commit2d24eba903db365336dce56c29d6fbacf3b88112[log] [tgz]
authorAlexander Couzens <lynxis@fe80.eu>Mon Jun 17 01:41:29 2019 +0200
committerlaforge <laforge@gnumonks.org>Mon Jun 24 13:51:06 2019 +0000
tree84c628e47765056a7ab66b747f911ea41c4484c7
parent3a499f3cb25035c263a6e630ff7b27a659b6bdea [diff] [blame]
decompress_crbb: add length argument for search_runlen

search_runlen() must know the exact size in bits when parsing
the bits otherwise it read over the buffer.
Fixes testcase #7 which was wrongly decoded.

Change-Id: Ie34a0651e7e7efea4e9ecff1e3a467588113cf47

diff --git a/src/egprs_rlc_compression.cpp b/src/egprs_rlc_compression.cpp
index 014e930..8f4fd87 100644
--- a/src/egprs_rlc_compression.cpp
+++ b/src/egprs_rlc_compression.cpp

@@ -449,6 +449,7 @@
 /* Calculate runlength of a  codeword
  * \param root[in]  Root of Ones or Zeros tree
  * \param bmbuf[in] Received compressed bitmap buf
+ * \param length[in] Length of bitmap buf in bits
  * \param bit_pos[in] The start bit pos to read codeword
  * \param len_codewd[in] Length of code word
  * \param rlen[out] Calculated run length
@@ -456,6 +457,7 @@
 static int search_runlen(
 		egprs_compress_node *root,
 		const uint8_t *bmbuf,
+		uint8_t length,
 		uint8_t bit_pos,
 		uint8_t *len_codewd,
 		uint16_t *rlen)
@@ -469,6 +471,9 @@
 	while (iter->run_length == -1) {
 		if ((!iter->left) && (!iter->right))
 			return -1;
+		if (bit_pos >= length)
+			return -1;
+
 		/* get the bit value at the bitpos and put it in right most of dir */
 		dir = (bmbuf[bit_pos/8] >> (7 - (bit_pos & 0x07))) & 0x01;
 		bit_pos++;
@@ -498,7 +503,7 @@
 		const uint8_t *orig_crbb_buf,
 		bitvec *dest)
 {
-
+	int8_t remaining_bmap_len = compress_bmap_len;
 	uint8_t bit_pos = 0;
 	uint8_t data;
 	egprs_compress_node *list = NULL;
@@ -509,7 +514,7 @@
 	int rc = 0;
 	egprs_compress *compress = instance();
 
-	while (compress_bmap_len > 0) {
+	while (remaining_bmap_len > 0) {
 		if (start) {
 			data = 0xff;
 			list = compress->ones_list;
@@ -517,7 +522,7 @@
 			data = 0x00;
 			list = compress->zeros_list;
 		}
-		rc = search_runlen(list, orig_crbb_buf,
+		rc = search_runlen(list, orig_crbb_buf, compress_bmap_len,
 				bit_pos, &nbits, &run_length);
 		if (rc == -1)
 			return -1;
@@ -525,6 +530,7 @@
 		if (run_length < 64)
 			start = !start;
 		cbmaplen = cbmaplen + run_length;
+
 		/* put run length of Ones in uncompressed bitmap */
 		while (run_length != 0) {
 			if (run_length > 8) {
@@ -536,7 +542,7 @@
 			}
 		}
 		bit_pos = bit_pos + nbits;
-		compress_bmap_len = compress_bmap_len - nbits;
+		remaining_bmap_len = remaining_bmap_len - nbits;
 	}
 	return 0;
 }