A shell weakness occurs when a program enables an attacker to execute unexpected commands on the operating system.
This causes a new program to execute and is difficult to use safely.
The highlighted line of code below is the trigger point of this particular Alpine 3.9 shell weakness.
int input_buffer_size, off_t output_length, char is_delta); /* see description of output_length in lzxd_init() */ extern void lzxd_set_output_length(struct lzxd_stream *lzx, off_t output_length); /** * Reads LZX DELTA reference data into the window and allows * lzxd_decompress() to reference it. * * Call this before the first call to lzxd_decompress(). * @param lzx the LZX stream to apply this reference data to * @param system an mspack_system implementation to use with the * input param. Only read() will be called. * @param input an input file handle to read reference data using * system->read(). * @param length the length of the reference data. Cannot be longer * than the LZX window size. * @return an error code, or MSPACK_ERR_OK if successful */ extern int lzxd_set_reference_data(struct lzxd_stream *lzx, struct mspack_system *system, struct mspack_file *input, unsigned int length); /** * Decompresses entire or partial LZX streams. * * The number of bytes of data that should be decompressed is given as the * out_bytes parameter. If more bytes are decoded than are needed, they * will be kept over for a later invocation. * * The output bytes will be passed to the system->write() function given in * lzxd_init(), using the output file handle given in lzxd_init(). More than * one call may be made to system->write(). * Input bytes will be read in as necessary using the system->read() * function given in lzxd_init(), using the input file handle given in * lzxd_init(). This will continue until system->read() returns 0 bytes, * or an error. Errors will be passed out of the function as * MSPACK_ERR_READ errors. Input streams should convey an "end of input * stream" by refusing to supply all the bytes that LZX asks for when they * reach the end of the stream, rather than return an error code. * * If any error code other than MSPACK_ERR_OK is returned, the stream * should be considered unusable and lzxd_decompress() should not be * called again on this stream.