From 31d1cae8c68fbc765fd4394863b071788dbc9746 Mon Sep 17 00:00:00 2001
From: dweiller <4678790+dweiller@users.noreplay.github.com>
Date: Tue, 24 Jan 2023 13:14:06 +1100
Subject: [PATCH] std.compress.zstandard: validate fse table value count

---
 lib/std/compress/zstandard/decompress.zig | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/std/compress/zstandard/decompress.zig b/lib/std/compress/zstandard/decompress.zig
index 75ca1b68a8..37ec8ebfd0 100644
--- a/lib/std/compress/zstandard/decompress.zig
+++ b/lib/std/compress/zstandard/decompress.zig
@@ -1418,8 +1418,7 @@ fn decodeFseTable(
     }
     bit_reader.alignToByte();
 
-    // TODO: check there are at least 2 non-zero probabilities
-
+    if (value_count < 2) return error.MalformedFseTable;
     if (accumulated_probability != total_probability) return error.MalformedFseTable;
     if (value_count > expected_symbol_count) return error.MalformedFseTable;