So I looked at the zip code in it's non minified state for a bit.
the bug is here:
var len = 0;
var fpos = new Array(17);
fpos[0] = 0;
&&&&
function Rec() {
var curplace = Places[treepos];
var tmp;
if (debug)
document.write("<br>len:" + len + " treepos:" + treepos);
if (len == 17) { //war 17
return -1;
}
treepos++;
len++;
tmp = IsPat();
&&&&
if (fpos[len] >= fmax)
return -1;
--
specifically len becomes 17, array length is 17, fpos[17] is
undefined, the if >= fmax statement never fires, infinite loop occurs.
While I know I'm just a user, I would definitely vote for having an
alternative zip implementation which I could enable by replacing a
file, or something. I would also definitely vote to get rid of JXG,
because I found a bug only 50 test cases. Which gives a very high
probability that another bug will be found in the next 1000.
I will also do some investigation of replacing it on my side.
-tim
On 4/16/14, Tim Prepscius <[email protected]> wrote:
> Unfortunately I bring news of another bug.
>
> So, the JXG fails in some cases.
> I have a failing test case (which gpg is able to correctly handle),
> encrypted block, and a private key. In this test, an infinite loop
> occurs.
>
> The private key will eventually be made public anyways (I'm using it
> to build a test suite), so I don't mind sending it, but I'd rather not
> post it to a public list quite yet. Cause I'd like to use it a bit
> more.
>
> How can I get the necessary info to whomever?
>
> -tim
>
> p.s. Also, there are alternatives to JXG which I have tested quite a
> bit in the past which might be more reliable. I believe I used:
> https://github.com/gildas-lormeau/zip.js
> in a different project. I found only one bug in his/her implementation.
>
_______________________________________________
http://openpgpjs.org
Subscribe/unsubscribe: http://list.openpgpjs.org
