Skip to content

Commit

Permalink
zlib/minizip: Update to version 1.3.1
Browse files Browse the repository at this point in the history
Minizip includes previously backported fix for CVE-2023-45853,
and a Debian patch for CVE-2014-9485 was also upstreamed.
  • Loading branch information
akien-mga committed Jan 24, 2024
1 parent 74c32fa commit 8ead8d2
Show file tree
Hide file tree
Showing 20 changed files with 136 additions and 137 deletions.
2 changes: 1 addition & 1 deletion COPYRIGHT.txt
Original file line number Diff line number Diff line change
Expand Up @@ -529,7 +529,7 @@ License: Expat

Files: ./thirdparty/zlib/
Comment: zlib
Copyright: 1995-2023, Jean-loup Gailly and Mark Adler
Copyright: 1995-2024, Jean-loup Gailly and Mark Adler
License: Zlib

Files: ./thirdparty/zstd/
Expand Down
6 changes: 2 additions & 4 deletions thirdparty/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -605,7 +605,7 @@ that file when upgrading.
## minizip

- Upstream: https://www.zlib.net
- Version: 1.3 (zlib contrib, 2023)
- Version: 1.3.1 (zlib contrib, 2024)
- License: zlib

Files extracted from the upstream source:
Expand All @@ -618,8 +618,6 @@ Important: Some files have Godot-made changes for use in core/io.
They are marked with `/* GODOT start */` and `/* GODOT end */`
comments and a patch is provided in the `patches` folder.

Another patch is included to fix CVE-2023-45853.


## misc

Expand Down Expand Up @@ -962,7 +960,7 @@ Files extracted from upstream source:
## zlib

- Upstream: https://www.zlib.net
- Version: 1.3 (2023)
- Version: 1.3.1 (2024)
- License: zlib

Files extracted from upstream source:
Expand Down
2 changes: 1 addition & 1 deletion thirdparty/minizip/ioapi.h
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,7 @@ typedef long (ZCALLBACK *tell_file_func) (voidpf opaque, voidpf stream)
typedef long (ZCALLBACK *seek_file_func) (voidpf opaque, voidpf stream, uLong offset, int origin);


/* here is the "old" 32 bits structure structure */
/* here is the "old" 32 bits structure */
typedef struct zlib_filefunc_def_s
{
open_file_func zopen_file;
Expand Down
36 changes: 0 additions & 36 deletions thirdparty/minizip/patches/CVE-2023-45853.patch

This file was deleted.

10 changes: 5 additions & 5 deletions thirdparty/minizip/patches/godot-seek.patch
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ index 782d32469a..2e89f5f41a 100644
+*/
+/* GODOT end */
diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
index c588a18d03..14266141c6 100644
index a2d2e6e60d..509b52da8a 100644
--- a/thirdparty/minizip/ioapi.h
+++ b/thirdparty/minizip/ioapi.h
@@ -155,6 +155,10 @@ typedef struct zlib_filefunc_def_s
Expand All @@ -52,7 +52,7 @@ index c588a18d03..14266141c6 100644

void fill_fopen64_filefunc(zlib_filefunc64_def* pzlib_filefunc_def);
diff --git a/thirdparty/minizip/unzip.c b/thirdparty/minizip/unzip.c
index ed763f89f1..2f8c5f3675 100644
index ea05b7d62a..981ba3c0cb 100644
--- a/thirdparty/minizip/unzip.c
+++ b/thirdparty/minizip/unzip.c
@@ -152,6 +152,9 @@ typedef struct
Expand Down Expand Up @@ -232,7 +232,7 @@ index ed763f89f1..2f8c5f3675 100644
return unzOpenCurrentFile3(file, NULL, NULL, 0, NULL);
}
diff --git a/thirdparty/minizip/unzip.h b/thirdparty/minizip/unzip.h
index 14105840f6..1a477ecb50 100644
index 5cfc9c6274..0639674574 100644
--- a/thirdparty/minizip/unzip.h
+++ b/thirdparty/minizip/unzip.h
@@ -202,6 +202,10 @@ extern int ZEXPORT unzClose(unzFile file);
Expand Down Expand Up @@ -261,7 +261,7 @@ index 14105840f6..1a477ecb50 100644

extern ZPOS64_T ZEXPORT unztell64(unzFile file);
diff --git a/thirdparty/minizip/zip.c b/thirdparty/minizip/zip.c
index 3d3d4cadde..e859f9e42f 100644
index 60bdffac34..1d2d918e72 100644
--- a/thirdparty/minizip/zip.c
+++ b/thirdparty/minizip/zip.c
@@ -820,9 +820,11 @@ extern zipFile ZEXPORT zipOpen3(const void *pathname, int append, zipcharpc* glo
Expand All @@ -279,7 +279,7 @@ index 3d3d4cadde..e859f9e42f 100644
ziinit.z_filefunc = *pzlib_filefunc64_32_def;

ziinit.filestream = ZOPEN64(ziinit.z_filefunc,
@@ -1171,8 +1173,10 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c
@@ -1182,8 +1184,10 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c
{
if(zi->ci.method == Z_DEFLATED)
{
Expand Down
8 changes: 4 additions & 4 deletions thirdparty/minizip/unzip.c
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@
const char unz_copyright[] =
" unzip 1.01 Copyright 1998-2004 Gilles Vollant - http://www.winimage.com/zLibDll";

/* unz_file_info_interntal contain internal info about a file in zipfile*/
/* unz_file_info64_internal contain internal info about a file in zipfile*/
typedef struct unz_file_info64_internal_s
{
ZPOS64_T offset_curfile;/* relative offset of local header 8 bytes */
Expand Down Expand Up @@ -453,7 +453,7 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
if (unz64local_getLong(pzlib_filefunc_def,filestream,&uL)!=UNZ_OK)
return CENTRALDIRINVALID;

/* number of the disk with the start of the zip64 end of central directory */
/* number of the disk with the start of the zip64 end of central directory */
if (unz64local_getLong(pzlib_filefunc_def,filestream,&uL)!=UNZ_OK)
return CENTRALDIRINVALID;
if (uL != 0)
Expand Down Expand Up @@ -500,9 +500,9 @@ local unzFile unzOpenInternal(const void *path,
ZPOS64_T central_pos;
uLong uL;

uLong number_disk; /* number of the current dist, used for
uLong number_disk; /* number of the current disk, used for
spanning ZIP, unsupported, always 0*/
uLong number_disk_with_CD; /* number the the disk with central dir, used
uLong number_disk_with_CD; /* number the disk with central dir, used
for spanning ZIP, unsupported, always 0*/
ZPOS64_T number_entry_CD; /* total number of entries in
the central dir
Expand Down
2 changes: 1 addition & 1 deletion thirdparty/minizip/unzip.h
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,7 @@ extern int ZEXPORT unzGetCurrentFileInfo(unzFile file,
Get Info about the current file
if pfile_info!=NULL, the *pfile_info structure will contain some info about
the current file
if szFileName!=NULL, the filemane string will be copied in szFileName
if szFileName!=NULL, the filename string will be copied in szFileName
(fileNameBufferSize is the size of the buffer)
if extraField!=NULL, the extra field information will be copied in extraField
(extraFieldBufferSize is the size of the buffer).
Expand Down
10 changes: 5 additions & 5 deletions thirdparty/minizip/zip.c
Original file line number Diff line number Diff line change
Expand Up @@ -575,7 +575,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
if (zip64local_getLong(pzlib_filefunc_def,filestream,&uL)!=ZIP_OK)
return 0;

/* number of the disk with the start of the zip64 end of central directory */
/* number of the disk with the start of the zip64 end of central directory */
if (zip64local_getLong(pzlib_filefunc_def,filestream,&uL)!=ZIP_OK)
return 0;
if (uL != 0)
Expand Down Expand Up @@ -614,9 +614,9 @@ local int LoadCentralDirectoryRecord(zip64_internal* pziinit) {
ZPOS64_T central_pos;
uLong uL;

uLong number_disk; /* number of the current dist, used for
uLong number_disk; /* number of the current disk, used for
spanning ZIP, unsupported, always 0*/
uLong number_disk_with_CD; /* number the the disk with central dir, used
uLong number_disk_with_CD; /* number of the disk with central dir, used
for spanning ZIP, unsupported, always 0*/
ZPOS64_T number_entry;
ZPOS64_T number_entry_CD; /* total number of entries in
Expand Down Expand Up @@ -1612,7 +1612,7 @@ extern int ZEXPORT zipCloseFileInZipRaw64(zipFile file, ZPOS64_T uncompressed_si

if((uLong)(datasize + 4) > zi->ci.size_centralExtraFree)
{
// we can not write more data to the buffer that we have room for.
// we cannot write more data to the buffer that we have room for.
return ZIP_BADZIPFILE;
}

Expand Down Expand Up @@ -1876,7 +1876,7 @@ extern int ZEXPORT zipClose(zipFile file, const char* global_comment) {
free_linkedlist(&(zi->central_dir));

pos = centraldir_pos_inzip - zi->add_position_when_writing_offset;
if(pos >= 0xffffffff || zi->number_entry > 0xFFFF)
if(pos >= 0xffffffff || zi->number_entry >= 0xFFFF)
{
ZPOS64_T Zip64EOCDpos = ZTELL64(zi->z_filefunc,zi->filestream);
Write_Zip64EndOfCentralDirectoryRecord(zi, size_centraldir, centraldir_pos_inzip);
Expand Down
4 changes: 2 additions & 2 deletions thirdparty/minizip/zip.h
Original file line number Diff line number Diff line change
Expand Up @@ -177,9 +177,9 @@ extern int ZEXPORT zipOpenNewFileInZip64(zipFile file,
filename : the filename in zip (if NULL, '-' without quote will be used
*zipfi contain supplemental information
if extrafield_local!=NULL and size_extrafield_local>0, extrafield_local
contains the extrafield data the the local header
contains the extrafield data for the local header
if extrafield_global!=NULL and size_extrafield_global>0, extrafield_global
contains the extrafield data the the local header
contains the extrafield data for the global header
if comment != NULL, comment contain the comment string
method contain the compression method (0 for store, Z_DEFLATED for deflate)
level contain the level of compression (can be Z_DEFAULT_COMPRESSION)
Expand Down
47 changes: 36 additions & 11 deletions thirdparty/zlib/deflate.c
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/* deflate.c -- compress data using the deflation algorithm
* Copyright (C) 1995-2023 Jean-loup Gailly and Mark Adler
* Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/

Expand Down Expand Up @@ -52,7 +52,7 @@
#include "deflate.h"

const char deflate_copyright[] =
" deflate 1.3 Copyright 1995-2023 Jean-loup Gailly and Mark Adler ";
" deflate 1.3.1 Copyright 1995-2024 Jean-loup Gailly and Mark Adler ";
/*
If you use the zlib library in a product, an acknowledgment is welcome
in the documentation of your product. If for some reason you cannot
Expand Down Expand Up @@ -493,7 +493,7 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
* symbols from which it is being constructed.
*/

s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, LIT_BUFS);
s->pending_buf_size = (ulg)s->lit_bufsize * 4;

if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
Expand All @@ -503,8 +503,14 @@ int ZEXPORT deflateInit2_(z_streamp strm, int level, int method,
deflateEnd (strm);
return Z_MEM_ERROR;
}
#ifdef LIT_MEM
s->d_buf = (ushf *)(s->pending_buf + (s->lit_bufsize << 1));
s->l_buf = s->pending_buf + (s->lit_bufsize << 2);
s->sym_end = s->lit_bufsize - 1;
#else
s->sym_buf = s->pending_buf + s->lit_bufsize;
s->sym_end = (s->lit_bufsize - 1) * 3;
#endif
/* We avoid equality with lit_bufsize*3 because of wraparound at 64K
* on 16 bit machines and because stored blocks are restricted to
* 64K-1 bytes.
Expand Down Expand Up @@ -720,9 +726,15 @@ int ZEXPORT deflatePrime(z_streamp strm, int bits, int value) {

if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
s = strm->state;
#ifdef LIT_MEM
if (bits < 0 || bits > 16 ||
(uchf *)s->d_buf < s->pending_out + ((Buf_size + 7) >> 3))
return Z_BUF_ERROR;
#else
if (bits < 0 || bits > 16 ||
s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
return Z_BUF_ERROR;
#endif
do {
put = Buf_size - s->bi_valid;
if (put > bits)
Expand Down Expand Up @@ -1294,7 +1306,7 @@ int ZEXPORT deflateCopy(z_streamp dest, z_streamp source) {
ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos));
ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos));
ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, LIT_BUFS);

if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
ds->pending_buf == Z_NULL) {
Expand All @@ -1305,10 +1317,15 @@ int ZEXPORT deflateCopy(z_streamp dest, z_streamp source) {
zmemcpy(ds->window, ss->window, ds->w_size * 2 * sizeof(Byte));
zmemcpy((voidpf)ds->prev, (voidpf)ss->prev, ds->w_size * sizeof(Pos));
zmemcpy((voidpf)ds->head, (voidpf)ss->head, ds->hash_size * sizeof(Pos));
zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
zmemcpy(ds->pending_buf, ss->pending_buf, ds->lit_bufsize * LIT_BUFS);

ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
#ifdef LIT_MEM
ds->d_buf = (ushf *)(ds->pending_buf + (ds->lit_bufsize << 1));
ds->l_buf = ds->pending_buf + (ds->lit_bufsize << 2);
#else
ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
#endif

ds->l_desc.dyn_tree = ds->dyn_ltree;
ds->d_desc.dyn_tree = ds->dyn_dtree;
Expand Down Expand Up @@ -1539,13 +1556,21 @@ local uInt longest_match(deflate_state *s, IPos cur_match) {
*/
local void check_match(deflate_state *s, IPos start, IPos match, int length) {
/* check that the match is indeed a match */
if (zmemcmp(s->window + match,
s->window + start, length) != EQUAL) {
fprintf(stderr, " start %u, match %u, length %d\n",
start, match, length);
Bytef *back = s->window + (int)match, *here = s->window + start;
IPos len = length;
if (match == (IPos)-1) {
/* match starts one byte before the current window -- just compare the
subsequent length-1 bytes */
back++;
here++;
len--;
}
if (zmemcmp(back, here, len) != EQUAL) {
fprintf(stderr, " start %u, match %d, length %d\n",
start, (int)match, length);
do {
fprintf(stderr, "%c%c", s->window[match++], s->window[start++]);
} while (--length != 0);
fprintf(stderr, "(%02x %02x)", *back++, *here++);
} while (--len != 0);
z_error("invalid match");
}
if (z_verbose > 1) {
Expand Down
Loading

0 comments on commit 8ead8d2

Please sign in to comment.