fix issues#45: check code length in decode huffman code table

Author: Yuta Imaya

src/rawinflate.js

@@ -333,6 +333,10 @@ Zlib.RawInflate.prototype.readCodeByTable = function(table) {
   codeWithLength = codeTable[bitsbuf & ((1 << maxCodeLength) - 1)];
   codeLength = codeWithLength >>> 16;
 
+  if (codeLength > bitsbuflen) {
+    throw new ('invalid code length: ' + codeLength);
+  }
+
   this.bitsbuf = bitsbuf >> codeLength;
   this.bitsbuflen = bitsbuflen - codeLength;
   this.ip = ip;

test/nodejs/node-test.js

@@ -182,6 +182,25 @@ describe("node inflate and deflate", function() {
 
     inflateOnlyTest(compressed, plain);
   });
+
+  it('issue#45 Infinite loop when decoding invalid zip file', function() {
+    var data = new Buffer([
+      0x08, 0x1D, 0x74, 0x65, 0x73, 0x74, 0x2f, 0x61,
+      0x2f, 0x62, 0x6c, 0x61, 0x68, 0x2e, 0x6a, 0x73,
+      0x55, 0x58, 0x0c, 0x00, 0x14, 0x2c, 0xdb, 0x55,
+      0xa9, 0x98, 0x85, 0x55, 0xf5, 0x01, 0x14, 0x00,
+      0x2b, 0x4b, 0x2c, 0x52, 0x28, 0x4e, 0x2d, 0x2a,
+      0x4b, 0x2d, 0x52, 0xb0, 0x55, 0xc8, 0x28, 0x29,
+      0x29, 0xd0, 0x4b,
+    ]);
+
+    assert.throws(
+      () => {
+        Zlib.inflateSync(data);
+      },
+      Error
+    );
+  })
 });
 
 // inflate test