From 4405f8ac7a430834dd47992fd83973a6ef27b8ae Mon Sep 17 00:00:00 2001
From: paq <89paku@gmail.com>
Date: Sat, 11 Apr 2026 12:03:30 +0900
Subject: [PATCH 1/2] fix: `IOReader::decrement_depth` can underflow while
 `SliceReader` guards against zero

---
 zerompk/src/read.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/zerompk/src/read.rs b/zerompk/src/read.rs
index c25c2a8..ee6aafc 100644
--- a/zerompk/src/read.rs
+++ b/zerompk/src/read.rs
@@ -988,7 +988,9 @@ impl<'de, R: std::io::Read> Read<'de> for IOReader<R> {
 
     #[inline(always)]
     fn decrement_depth(&mut self) {
-        self.depth -= 1;
+        if self.depth > 0 {
+            self.depth -= 1;
+        }
     }
 
     #[inline(always)]

From b917b58e40d334d642e8f73d1677adc1df129642 Mon Sep 17 00:00:00 2001
From: paq <89paku@gmail.com>
Date: Sat, 11 Apr 2026 12:09:40 +0900
Subject: [PATCH 2/2] test: add internal tests for depth_decrements

---
 zerompk/src/read.rs | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/zerompk/src/read.rs b/zerompk/src/read.rs
index ee6aafc..40093ff 100644
--- a/zerompk/src/read.rs
+++ b/zerompk/src/read.rs
@@ -1505,3 +1505,48 @@ impl<'de, R: std::io::Read> Read<'de> for IOReader<R> {
         }
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn slice_reader_decrement_depth_at_zero_does_not_underflow() {
+        let data = [0xc0];
+        let mut reader = SliceReader::new(&data);
+        assert_eq!(reader.depth, 0);
+        reader.decrement_depth();
+        assert_eq!(reader.depth, 0);
+    }
+
+    #[test]
+    fn slice_reader_decrement_depth_decrements() {
+        let data = [0xc0];
+        let mut reader = SliceReader::new(&data);
+        reader.increment_depth().unwrap();
+        assert_eq!(reader.depth, 1);
+        reader.decrement_depth();
+        assert_eq!(reader.depth, 0);
+    }
+
+    #[cfg(feature = "std")]
+    #[test]
+    fn io_reader_decrement_depth_at_zero_does_not_underflow() {
+        let data: &[u8] = &[0xc0];
+        let mut reader = IOReader::new(data);
+        assert_eq!(reader.depth, 0);
+        reader.decrement_depth();
+        assert_eq!(reader.depth, 0);
+    }
+
+    #[cfg(feature = "std")]
+    #[test]
+    fn io_reader_decrement_depth_decrements() {
+        let data: &[u8] = &[0xc0];
+        let mut reader = IOReader::new(data);
+        reader.increment_depth().unwrap();
+        assert_eq!(reader.depth, 1);
+        reader.decrement_depth();
+        assert_eq!(reader.depth, 0);
+    }
+}