mirrors/zlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
635 Commits 2 Branches 76 Tags
Commit Graph

635 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mark Adler
51b7f2abda zlib 1.3.1 v1.3.1 2024-01-22 10:32:37 -08:00
Mark Adler
1a8db63788 Move the load flags before the object files in Makefile tests. 2024-01-22 05:54:21 -08:00
tr1cks
2e3d86c4e1 Add target include directories to CMakeLists.txt. 
This enables the addition of zlib to other projects.
 2024-01-22 05:43:21 -08:00
Mark Adler
c06dfecb8a Use Makefile compiler for minizip-test target. 2024-01-21 09:25:44 -08:00
Mark Adler
88ec24670e Remove -w compile option in configure test. 
Not all C compilers have a -w option.
 2024-01-20 18:29:31 -08:00
Dan Kegel
9404df5a1f Use updated zconf.h when building out of directory with configure. 2024-01-19 16:16:11 -08:00
Mark Adler
84f0bafd7c Remove carriage returns from zlib.map. 2024-01-19 15:26:17 -08:00
Mark Adler
7af6320ad7 Fix a bug in ZLIB_DEBUG compiles in check_match(). 
This avoids trying to compare a match starting one byte before the
current window. Thanks to @zmodem (Hans) for discovering this.
 2024-01-19 12:19:53 -08:00
Mark Adler
7b632b486a Revert "Add a CMake option to link the C runtime statically." 
This reverts commit 44dc43ab047d65febed972a17b0e3bf7e994e8f2.
 2024-01-19 10:10:42 -08:00
Mark Adler
3f635df97e Remove unused Z_ARG macro. 2024-01-17 18:20:32 -08:00
gastush
ade6825c49 Fix cmake build on AIX. 
The --version-script linker option is not supported by the linker on AIX systems
 2024-01-17 17:52:19 -08:00
Mark Adler
2526346237 Remove mentions of an official zlib DLL distribution. 
There used to be one, but no more. It is up to the user or vendor
to compile zlib.
 2024-01-17 17:19:03 -08:00
Dimitri Papadopoulos
fe41d18921 Correct typos in source code. 2024-01-17 16:43:38 -08:00
Milan Bulat
01253ecd7e Make the existence of gz_intmax() unconditional. 
gz_intmax() is noted in zlib.map. This assures it's always there.
 2024-01-17 16:07:14 -08:00
Peter Taylor
6201f89384 Add cmake option to control the build of the example executables. 2024-01-17 15:34:01 -08:00
Matt Wilson
14a5f8f266 Neutralize zip file traversal attacks in miniunz. 
Archive formats such as .zip files are generally susceptible to
so-called "traversal attacks". This allows an attacker to craft
an archive that writes to unexpected locations of the file system
(e.g., /etc/shadow) if an unspecting root user were to unpack a
malicious archive.

This patch neutralizes absolute paths such as /tmp/moo and deeply
relative paths such as dummy/../../../../../../../../../../tmp/moo

The Debian project requested CVE-2014-9485 be allocated for the
first identified weakness. The fix was incomplete, resulting in a
revised patch applied here. Since there wasn't an updated version
released by Debian with the incomplete fix, I suggest we use this
CVE to identify both issues.

Link: https://security.snyk.io/research/zip-slip-vulnerability
Link: https://bugs.debian.org/774321
Link: https://bugs.debian.org/776831
Link: https://nvd.nist.gov/vuln/detail/CVE-2014-9485
Reported-by: Jakub Wilk <jwilk@debian.org>
Fixed-by: Michael Gilbert <mgilbert@debian.org>
 2024-01-17 15:08:08 -08:00
tbeu
44dc43ab04 Add a CMake option to link the C runtime statically. 2024-01-17 14:55:54 -08:00
THE-Spellchecker
01155ccc3f Fix random typos over several source and text files. 2024-01-17 13:49:11 -08:00
William Leara
16799d064b Fix "the the" in examples/gzlog.c. 2024-01-17 12:52:01 -08:00
William Leara
190168cc1c Correct case of MSDOS in contrib/minizip/miniunz.c. 2024-01-17 12:48:27 -08:00
William Leara
762cf49e63 Refer to correct function in contrib/minizip/unzip.c comment. 2024-01-17 12:46:14 -08:00
Mark Adler
36e369e1a5 Note that the len2 argument of crc_combine*() must be non-negative. 
If it is negative, then the code will enter an infinite loop.
 2024-01-13 22:30:30 -08:00
Hans Wennborg
60c31985ec Fix the copy of pending_buf in deflateCopy() for the LIT_MEM case. 2024-01-13 22:30:30 -08:00
Hans Wennborg
ee474ff2d1 Fix pending buffer overflow assert with LIT_MEM allocation. 
Since each element in s->d_buf is 2 bytes, the sx index should be
multiplied by 2 in the assert.

Fixes #897
 2024-01-13 22:30:30 -08:00
Mark Adler
4bd9a71f35 Remove fdopen #defines in zutil.h. 
fdopen() is not used by zlib anymore. The #defines are vestigial.
 2024-01-13 22:30:30 -08:00
Mark Adler
431a9b65ea Add bounds checking to ERR_MSG() macro, used by zError(). 2024-01-13 22:29:58 -08:00
Paul Ivanov
643e17b749 Correct repeated words in source file comments and a readme. 2023-11-14 18:44:32 -08:00
Mark Adler
15c45adb76 Fix decision on the emission of Zip64 end records in minizip. 
The appnote says that if the number of entries in the end record
is 0xffff, then the actual number of entries will be found in the
Zip64 end record. Therefore if the number of entries is equal to
0xffff, it can't be in the end record by itself, since that is an
instruction to get the number from the Zip64 end record. This code
would just store 0xffff in the end record in that case, not making
a Zip64 end record. This commit fixes that.
 2023-11-07 15:46:41 -08:00
Mark Adler
ac8f12c97d Add LIT_MEM define to use more memory for a small deflate speedup. 
A bug fix in zlib 1.2.12 resulted in a slight slowdown (1-2%) of
deflate. This commit provides the option to #define LIT_MEM, which
uses more memory to reverse most of that slowdown. The memory for
the pending buffer and symbol buffers is increased by 25%, which
increases the total memory usage with the default parameters by
about 6%.
 2023-09-21 00:14:56 -07:00
Xin LI
bd9c329c10 Make internal functions static in the test code. 
To avoid warnings when building with -Wmissing-prototypes.
 2023-09-03 21:50:07 -07:00
Mark Adler
5af7cef45e Fix bug in inflateSync() for data held in bit buffer. 2023-08-24 02:14:23 -04:00
tbeu
88e50f1705 Update miniunz version. 2023-08-20 11:38:03 -07:00
Mark Adler
79a0e447a0 Update version and date in contrib/nuget. 2023-08-19 23:17:29 -07:00
Mark Adler
8988e03256 Update version numbers and year in contrib/vstudio/vc17. 2023-08-19 17:13:12 -07:00
Mark Adler
7192d692be Update vc directory in contrib/nuget. 2023-08-19 17:07:35 -07:00
Mark Adler
60bfe641af Rename contrib/vstudio/vc143 to vc17. 
This makes it consistent with the other vstudio projects, which
use the version number.
 2023-08-19 12:13:00 -07:00
Hans Wennborg
73331a6a04 Reject overflows of zip header fields in minizip. 
This checks the lengths of the file name, extra field, and comment
that would be put in the zip headers, and rejects them if they are
too long. They are each limited to 65535 bytes in length by the zip
format. This also avoids possible buffer overflows if the provided
fields are too long.
 2023-08-19 11:56:12 -07:00
Mark Adler
726e18943d Remove Windows ARM and ARM64 builds from cmake workflow. 
They were added in the VS2022 commit, but failed when run.
 2023-08-19 11:07:39 -07:00
AraHaan
4a47c1bf3d Add project and solution files for building a nuget package. 2023-08-19 10:57:26 -07:00
AraHaan
d7de5971f4 Add VS2022 project files. 
Also replaced Itanium with ARM and ARM64 configurations.
 2023-08-19 10:54:50 -07:00
Mark Adler
4c5a81c2ae Remove carriage returns from contrib/vstudio/readme.txt. 2023-08-19 10:43:36 -07:00
Mark Adler
0f68a0d89d Limit the length of Darwin shared library version number. 2023-08-18 16:17:33 -07:00
Mark Adler
5dc7681ff1 Fix version numbering for Darwin shared library. 2023-08-18 16:01:06 -07:00
Mark Adler
3a98b57e55 Change version number on develop branch to 1.3.0.1. 2023-08-18 13:23:07 -07:00
Mark Adler
09155eaa2f zlib 1.3 v1.3 2023-08-18 01:45:36 -07:00
Mark Adler
899ffefb19 Use original make and options when Makefile runs make. 
Also avoid the use of the -C option for non-GNU make.
 2023-08-17 23:52:24 -07:00
Mark Adler
25bbd7f5a6 Avoid uninitialized and unused warnings in contrib/minizip. 2023-08-17 22:35:43 -07:00
Mark Adler
e13289e307 Fix typo in preceding reversion commit. 2023-08-17 17:40:56 -07:00
Mark Adler
f5ae600cc7 Revert flipping of load flags in Makefile.in for z/OS. 
It looked innocuous enough and worked on macOS, but failed on
Ubuntu.
 2023-08-17 17:34:11 -07:00
OldWorldOrdr
daf27aed08 Look for a cross-compile libtool first in configure. 
Permit cross-compilation for Darwin.
 2023-08-17 17:12:52 -07:00