This repository was archived by the owner on Apr 26, 2021. It is now read-only.

Many issues uncovered by fuzzing #10

@nemequ

I reported many issues which cause zling to crash on decompression found by AFL (via e-mail on 2015-02-11). They are still unfixed, and I think enough time has elapsed that it is better to disclose them publicly.

They have been uploaded to https://github.com/nemequ/compfuzz/tree/master/libraries/zling/codecs/zling/decompress/crashes

Some of them may require AddressSanitizer (or possibly a similar tool, such as Valgrind) in order to trigger the crash on a specific machine. Some are probably exploitable; all are potential vectors for a DoS attack.
