diff --git a/ChangeLog b/ChangeLog index 218cfb0..404717f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,13 @@ ChangeLog file for zlib +Changes in 1.0.5 (3 Jan 98) +- Fix inflate to terminate gracefully when fed corrupted or invalid data +- Use const for rommable constants in inflate +- Eliminate memory leaks on error conditions in inflate +- Removed some vestigial code in inflate +- Update web address in README + Changes in 1.0.4 (24 Jul 96) - In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF bit, so the decompressor could decompress all the correct data but went diff --git a/Makefile b/Makefile index 71b269b..b216ba7 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Makefile for zlib -# Copyright (C) 1995-1996 Jean-loup Gailly. +# Copyright (C) 1995-1998 Jean-loup Gailly. # For conditions of distribution and use, see copyright notice in zlib.h # To compile and test, type: @@ -22,7 +22,7 @@ CFLAGS=-O LDFLAGS=-L. -lz LDSHARED=$(CC) -VER=1.0.4 +VER=1.0.5 LIBS=libz.a AR=ar rc diff --git a/Makefile.in b/Makefile.in index 71b269b..b216ba7 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,5 +1,5 @@ # Makefile for zlib -# Copyright (C) 1995-1996 Jean-loup Gailly. +# Copyright (C) 1995-1998 Jean-loup Gailly. # For conditions of distribution and use, see copyright notice in zlib.h # To compile and test, type: @@ -22,7 +22,7 @@ CFLAGS=-O LDFLAGS=-L. -lz LDSHARED=$(CC) -VER=1.0.4 +VER=1.0.5 LIBS=libz.a AR=ar rc diff --git a/README b/README index 28adc90..bfc92f5 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -zlib 1.0.4 is a general purpose data compression library. All the code +zlib 1.0.5 is a general purpose data compression library. All the code is reentrant (thread safe). The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate @@ -18,16 +18,13 @@ makefiles such as Makefile.msc; for VMS, use Make_vms.com or descrip.mms. Questions about zlib should be sent to or, if this fails, to the addresses given below in the Copyright section. -The zlib home page is http://quest.jpl.nasa.gov/zlib/ +The zlib home page is http://www.cdrom.com/pub/infozip/zlib/ -The changes made in version 1.0.4 are documented in the file ChangeLog. -The main changes since 1.0.3 are: +The changes made in version 1.0.5 are documented in the file ChangeLog. +The main changes since 1.0.4 are: -- In very rare conditions, deflate(s, Z_FINISH) could fail to produce an EOF - bit, so the decompressor could decompress all the correct data but went - on to attempt decompressing extra garbage data. This affected minigzip too. -- zlibVersion and gzerror return const char* (needed for DLL) -- port to RISCOS (no fdopen, no multiple dots, no unlink, no fileno) +- Fix inflate to terminate gracefully when fed corrupted or invalid data +- Use const for rommable constants in inflate A Perl interface to zlib written by Paul Marquess @@ -68,7 +65,7 @@ Acknowledgments: Copyright notice: - (C) 1995-1996 Jean-loup Gailly and Mark Adler + (C) 1995-1998 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages diff --git a/deflate.c b/deflate.c index c6ba9b4..e1d66ce 100644 --- a/deflate.c +++ b/deflate.c @@ -1,5 +1,5 @@ /* deflate.c -- compress data using the deflation algorithm - * Copyright (C) 1995-1996 Jean-loup Gailly. + * Copyright (C) 1995-1998 Jean-loup Gailly. * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -47,11 +47,10 @@ * */ -/* $Id: deflate.c,v 1.15 1996/07/24 13:40:58 me Exp $ */ #include "deflate.h" -char deflate_copyright[] = " deflate 1.0.4 Copyright 1995-1996 Jean-loup Gailly "; +char deflate_copyright[] = " deflate 1.0.5 Copyright 1995-1998 Jean-loup Gailly "; /* If you use the zlib library in a product, an acknowledgment is welcome in the documentation of your product. If for some reason you cannot diff --git a/infblock.c b/infblock.c index cc2e674..a300c28 100644 --- a/infblock.c +++ b/infblock.c @@ -1,5 +1,5 @@ /* infblock.c -- interpret and process block types to last block - * Copyright (C) 1995-1996 Mark Adler + * Copyright (C) 1995-1998 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ @@ -12,7 +12,7 @@ struct inflate_codes_state {int dummy;}; /* for buggy compilers */ /* Table for deflate from PKZIP's appnote.txt. */ -local uInt border[] = { /* Order of the bit length code lengths */ +local const uInt border[] = { /* Order of the bit length code lengths */ 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15}; /* @@ -224,8 +224,6 @@ int r; } #endif t = 258 + (t & 0x1f) + ((t >> 5) & 0x1f); - if (t < 19) - t = 19; if ((s->sub.trees.blens = (uIntf*)ZALLOC(z, t, sizeof(uInt))) == Z_NULL) { r = Z_MEM_ERROR; @@ -249,6 +247,7 @@ int r; &s->sub.trees.tb, z); if (t != Z_OK) { + ZFREE(z, s->sub.trees.blens); r = t; if (r == Z_DATA_ERROR) s->mode = BAD; @@ -287,6 +286,8 @@ int r; if (i + j > 258 + (t & 0x1f) + ((t >> 5) & 0x1f) || (c == 16 && i < 1)) { + inflate_trees_free(s->sub.trees.tb, z); + ZFREE(z, s->sub.trees.blens); s->mode = BAD; z->msg = (char*)"invalid bit length repeat"; r = Z_DATA_ERROR; @@ -314,6 +315,7 @@ int r; #endif t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f), s->sub.trees.blens, &bl, &bd, &tl, &td, z); + ZFREE(z, s->sub.trees.blens); if (t != Z_OK) { if (t == (uInt)Z_DATA_ERROR) @@ -330,7 +332,6 @@ int r; r = Z_MEM_ERROR; LEAVE } - ZFREE(z, s->sub.trees.blens); s->sub.decode.codes = c; s->sub.decode.tl = tl; s->sub.decode.td = td; diff --git a/inftrees.c b/inftrees.c index 90205bd..170c85e 100644 --- a/inftrees.c +++ b/inftrees.c @@ -1,12 +1,12 @@ /* inftrees.c -- generate Huffman trees for efficient decoding - * Copyright (C) 1995-1996 Mark Adler + * Copyright (C) 1995-1998 Mark Adler * For conditions of distribution and use, see copyright notice in zlib.h */ #include "zutil.h" #include "inftrees.h" -char inflate_copyright[] = " inflate 1.0.4 Copyright 1995-1996 Mark Adler "; +char inflate_copyright[] = " inflate 1.0.5 Copyright 1995-1998 Mark Adler "; /* If you use the zlib library in a product, an acknowledgment is welcome in the documentation of your product. If for some reason you cannot @@ -26,8 +26,8 @@ local int huft_build OF(( uIntf *, /* code lengths in bits */ uInt, /* number of codes */ uInt, /* number of "simple" codes */ - uIntf *, /* list of base values for non-simple codes */ - uIntf *, /* list of extra bits for non-simple codes */ + const uIntf *, /* list of base values for non-simple codes */ + const uIntf *, /* list of extra bits for non-simple codes */ inflate_huft * FAR*,/* result: starting table */ uIntf *, /* maximum lookup bits (returns actual) */ z_streamp )); /* for zalloc function */ @@ -38,18 +38,18 @@ local voidpf falloc OF(( uInt)); /* size of item */ /* Tables for deflate from PKZIP's appnote.txt. */ -local uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */ +local const uInt cplens[31] = { /* Copy lengths for literal codes 257..285 */ 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27, 31, 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258, 0, 0}; - /* actually lengths - 2; also see note #13 above about 258 */ -local uInt cplext[31] = { /* Extra bits for literal codes 257..285 */ + /* see note #13 above about 258 */ +local const uInt cplext[31] = { /* Extra bits for literal codes 257..285 */ 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2, 2, 2, - 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 192, 192}; /* 192==invalid */ -local uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */ + 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0, 112, 112}; /* 112==invalid */ +local const uInt cpdist[30] = { /* Copy offsets for distance codes 0..29 */ 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, 257, 385, 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, 8193, 12289, 16385, 24577}; -local uInt cpdext[30] = { /* Extra bits for distance codes */ +local const uInt cpdext[30] = { /* Extra bits for distance codes */ 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 13, 13}; @@ -99,16 +99,16 @@ local int huft_build(b, n, s, d, e, t, m, zs) uIntf *b; /* code lengths in bits (all assumed <= BMAX) */ uInt n; /* number of codes (assumed <= N_MAX) */ uInt s; /* number of simple-valued codes (0..s-1) */ -uIntf *d; /* list of base values for non-simple codes */ -uIntf *e; /* list of extra bits for non-simple codes */ +const uIntf *d; /* list of base values for non-simple codes */ +const uIntf *e; /* list of extra bits for non-simple codes */ inflate_huft * FAR *t; /* result: starting table */ uIntf *m; /* maximum lookup bits, returns actual */ z_streamp zs; /* for zalloc function */ /* Given a list of code lengths and a maximum table size, make a set of tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR if the given code set is incomplete (the tables are still built in this - case), Z_DATA_ERROR if the input is invalid (all zero length codes or an - over-subscribed set of lengths), or Z_MEM_ERROR if not enough memory. */ + case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of + lengths), or Z_MEM_ERROR if not enough memory. */ { uInt a; /* counter for codes of length k */ @@ -190,6 +190,7 @@ z_streamp zs; /* for zalloc function */ if ((j = *p++) != 0) v[x[j]++] = i; } while (++i < n); + n = x[g]; /* set n to length of v */ /* Generate the Huffman codes and for each, make the table entries */ @@ -309,7 +310,7 @@ z_streamp z; /* for zfree function */ r = huft_build(c, 19, 19, (uIntf*)Z_NULL, (uIntf*)Z_NULL, tb, bb, z); if (r == Z_DATA_ERROR) z->msg = (char*)"oversubscribed dynamic bit lengths tree"; - else if (r == Z_BUF_ERROR) + else if (r == Z_BUF_ERROR || *bb == 0) { inflate_trees_free(*tb, z); z->msg = (char*)"incomplete dynamic bit lengths tree"; @@ -332,11 +333,12 @@ z_streamp z; /* for zfree function */ int r; /* build literal/length tree */ - if ((r = huft_build(c, nl, 257, cplens, cplext, tl, bl, z)) != Z_OK) + r = huft_build(c, nl, 257, cplens, cplext, tl, bl, z); + if (r != Z_OK || *bl == 0) { if (r == Z_DATA_ERROR) z->msg = (char*)"oversubscribed literal/length tree"; - else if (r == Z_BUF_ERROR) + else if (r != Z_MEM_ERROR) { inflate_trees_free(*tl, z); z->msg = (char*)"incomplete literal/length tree"; @@ -346,17 +348,23 @@ z_streamp z; /* for zfree function */ } /* build distance tree */ - if ((r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, z)) != Z_OK) + r = huft_build(c + nl, nd, 0, cpdist, cpdext, td, bd, z); + if (r != Z_OK || (*bd == 0 && nl > 257)) { if (r == Z_DATA_ERROR) - z->msg = (char*)"oversubscribed literal/length tree"; + z->msg = (char*)"oversubscribed distance tree"; else if (r == Z_BUF_ERROR) { #ifdef PKZIP_BUG_WORKAROUND r = Z_OK; } #else inflate_trees_free(*td, z); - z->msg = (char*)"incomplete literal/length tree"; + z->msg = (char*)"incomplete distance tree"; + r = Z_DATA_ERROR; + } + else if (r != Z_MEM_ERROR) + { + z->msg = (char*)"empty distance tree with lengths"; r = Z_DATA_ERROR; } inflate_trees_free(*tl, z); diff --git a/zlib.def b/zlib.def index 08c6d55..56365cf 100644 --- a/zlib.def +++ b/zlib.def @@ -8,7 +8,7 @@ SUBSYSTEM WINDOWS STUB 'WINSTUB.EXE' -VERSION 1.04 +VERSION 1.05 CODE EXECUTE READ diff --git a/zlib.h b/zlib.h index 337fe9f..9537cb8 100644 --- a/zlib.h +++ b/zlib.h @@ -1,7 +1,7 @@ /* zlib.h -- interface of the 'zlib' general purpose compression library - version 1.0.4, Jul 24th, 1996. + version 1.0.5, Jan 3rd, 1998. - Copyright (C) 1995-1996 Jean-loup Gailly and Mark Adler + Copyright (C) 1995-1998 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages @@ -37,7 +37,7 @@ extern "C" { #include "zconf.h" -#define ZLIB_VERSION "1.0.4" +#define ZLIB_VERSION "1.0.5" /* The 'zlib' compression library provides in-memory compression and diff --git a/zlib.rc b/zlib.rc index 2c0a3e4..4c67aff 100644 --- a/zlib.rc +++ b/zlib.rc @@ -2,8 +2,8 @@ #define IDR_VERSION1 1 IDR_VERSION1 VERSIONINFO MOVEABLE IMPURE LOADONCALL DISCARDABLE - FILEVERSION 1,0,4,0 - PRODUCTVERSION 1,0,4,0 + FILEVERSION 1,0,5,0 + PRODUCTVERSION 1,0,5,0 FILEFLAGSMASK VS_FFI_FILEFLAGSMASK FILEFLAGS 0 FILEOS VOS_DOS_WINDOWS32 @@ -17,7 +17,7 @@ BEGIN BEGIN VALUE "FileDescription", "zlib data compression library\0" - VALUE "FileVersion", "1.0.4\0" + VALUE "FileVersion", "1.0.5\0" VALUE "InternalName", "zlib\0" VALUE "OriginalFilename", "zlib.lib\0" VALUE "ProductName", "ZLib.DLL\0"