- Hi Idor! The issue lies in the RC_NORM macro in LzmaDec.c. This macro normalizes the range and code values during decoding and increments the buf pointer (`p->buf++`) without verifying whether it exceeds the allocated memory or the bufLimit. The lack of bounds checking allows a custom forged LZMA stream to manipulate range and code, which causes the buf pointer to overflow into adjacent memory. By designing the LZMA stream with very low-frequency symbols, we can exploit this to overwrite critical memory regions such as return addresses or function pointers. To put it simply, this vulnerability arises from inadequate validation of the LZMA stream structure, which enables malformed input to trigger the overflow and execute arbitrary code. Remember this is a PROOF OF CONCEPT.