Sergey "Shnatsel" Davidoff

Sounds similar to https://github.com/danielgtaylor/arista/issues/88 I'll look into it.

Try this: http://dl.dropbox.com/u/5279564/palm-pre.tar.bz2

I had the same idea. Fuzzing can be of great help for discovering actually interesting inputs. This sounds fairly trivial, I'll see if I can whip up an implementation.

More specifically, this xz file decodes fine via the reference implementation but fails to decode with lzma-rs: [reference_succeeded_lzmars_failed.xz.gz](https://github.com/gendx/lzma-rs/files/4495203/reference_succeeded_lzmars_failed.xz.gz) (gzipped so that github would accept the upload) I've built a quick'n'dirty...

See also #20

xz2 crate already does this, its test harness can be used as reference: https://github.com/alexcrichton/xz2-rs/blob/master/tests/xz.rs

To make this issue a bit more actionable: The goal of the crate is to expose a thin wrapper on top of C API. This is fine as long as...

@Lokathor could you provide an example of this in the current code and how it goes wrong in practice?

The purpose this crate serves is now fulfilled by `-sys` crates that expose `unsafe fn`s, and then another crate creates an actually safe wrapper on top of that. FWIW there...

Sounds like a great idea! Alternatively you could let the API user set the limits, which is what the decompression libraries do. But if you know the size up front,...