#3 Still more Valgrind uninit warnings (SECURITY?)

open
nobody
None
5
2008-07-10
2008-07-10
No

Here's a file that reveals still more Valgrind warnings:
http://www.cs.berkeley.edu/~daw/tmp/bug7.lzo

This might be related to bugs #2015363 and #2015365.

Valgrind output from valgrind lzop -d bug7.lzo:

==22744== Memcheck, a memory error detector.
==22744== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al.
==22744== Using LibVEX rev 1804, a library for dynamic binary translation.
==22744== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP.
==22744== Using valgrind-3.3.0, a dynamic binary instrumentation framework.
==22744== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al.
==22744== For more details, rerun with: -v
==22744==
==22744== Conditional jump or move depends on uninitialised value(s)
==22744== at 0x3D53E14007: lzo1x_decompress_safe (lzo1x_d.ch:376)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Conditional jump or move depends on uninitialised value(s)
==22744== at 0x3D53E14010: lzo1x_decompress_safe (lzo1x_d.ch:376)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Conditional jump or move depends on uninitialised value(s)
==22744== at 0x3D53E14041: lzo1x_decompress_safe (lzo1x_d.ch:383)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Use of uninitialised value of size 8
==22744== at 0x3D53E13F5D: lzo1x_decompress_safe (lzo1x_d.ch:398)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Use of uninitialised value of size 8
==22744== at 0x3D53E13F78: lzo1x_decompress_safe (lzo1x_d.ch:399)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Use of uninitialised value of size 8
==22744== at 0x3D53E13F89: lzo1x_decompress_safe (lzo1x_d.ch:399)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
==22744==
==22744== Conditional jump or move depends on uninitialised value(s)
==22744== at 0x3D53E13CD8: lzo1x_decompress_safe (lzo1x_d.ch:410)
==22744== by 0x4083D9: lzo_decompress (p_lzo.c:516)
==22744== by 0x4073B0: x_decompress (compress.c:315)
==22744== by 0x405FE6: do_decompress (lzop.c:2035)
==22744== by 0x40648E: do_one_file (lzop.c:2053)
==22744== by 0x406B69: main (lzop.c:2115)
lzop: bug5b.lzo: Compressed data violation
==22744==
==22744== ERROR SUMMARY: 2649 errors from 7 contexts (suppressed: 4 from 1)

This may well be a duplicate of the two earlier bugs I've reproduced (or at least related to them), but I wanted to share this test case as well since it seems to trigger even more errors, and from slightly different line numbers.

Temporarily marked private, in case this has any security implications.
