Though it does not matter for code correctness, clang's UBSan
injects code that complains about computing a pointer from an array
where the result is out-of-bounds for that array, even though the
pointer is never dereferenced. Go figure. This commit avoids that
possibility when computing distcode in inflateCopy().
C2X has removed K&R definitions from the C function syntax.
Though the standard has not yet been approved, some high-profile
compilers are now issuing warnings when such definitions are
encountered.
The inflate() functions never leave state->bits greater than 24, so
an inflatePrime() call could not cause this. The only way this
could have happened would be by using inflatePrime() to fill the
bit buffer with 32 bits, and then calling inflatePrime() a *second*
time asking to insert zero bits, for some reason. This commit
assures that a shift by 32 bits does not occur even in that case.
If the extra field was larger than the space the user provided with
inflateGetHeader(), and if multiple calls of inflate() delivered
the extra header data, then there could be a buffer overflow of the
provided space. This commit assures that provided space is not
exceeded.
inflateSync() is used to skip invalid deflate data, which means
that the check value that was being computed is no longer useful.
This commit turns off the check value computation, and furthermore
allows a successful return if the compressed data terminated in a
graceful manner. This commit also fixes a bug in the case that
inflateSync() is used before a header is ever processed. In that
case, there is no knowledge of a trailer, so the remainder is
treated as raw.
If zlib and/or gzip header processing was requested, but a header
was never provided and inflateSync was used successfully, then the
inflate state would be inconsistent, trying to compute a check
value but with no flags set. This commit sets the inflate mode to
raw in this case, since there is no other assumption that can be
made if a header was requested but never seen.
This verifies that the state has been initialized, that it is the
expected type of state, deflate or inflate, and that at least the
first several bytes of the internal state have not been clobbered.
The undocumented (except in these commit comments) function
inflateValidate(strm, check) can be called after an inflateInit(),
inflateInit2(), or inflateReset2() with check equal to zero to
turn off the check value (CRC-32 or Adler-32) computation and
comparison. Calling with check not equal to zero turns checking
back on. This should only be called immediately after the init or
reset function. inflateReset() does not change the state, so a
previous inflateValidate() setting will remain in effect.
This also turns off validation of the gzip header CRC when
present.
This should only be used when a zlib or gzip stream has already
been checked, and repeated decompressions of the same stream no
longer need to be validated.
When windowBits is zero, the size of the sliding window comes from
the zlib header. The allowed values of the four-bit field are
0..7, but when windowBits is zero, values greater than 7 are
permitted and acted upon, resulting in large, mostly unused memory
allocations. This fix rejects such invalid zlib headers.
A windowBits value of 0, 16, or 32 gets the window bits from the
zlib header. However there is no zlib header for 16, or for 32
when the input is gzip. This commit sets the window bits for
inflate to 15 if a gzip stream is detected and windowBits was 16
or 32.
This patch allows zlib to compile cleanly with the -Wcast-qual gcc
warning enabled, but only if ZLIB_CONST is defined, which adds
const to next_in and msg in z_stream and in the in_func prototype.
A --const option is added to ./configure which adds -DZLIB_CONST
to the compile flags, and adds -Wcast-qual to the compile flags
when ZLIBGCCWARN is set in the environment.
inflate() avoided that allocation normally, until it was modified to
update the window on a normal completion so that inflateResetKeep()
could work. This patch restores that behavior, but only when
Z_FINISH is used successfully to complete an inflation of a stream in
a single call of inflate(). The comments in zlib.h have been updated
accordingly.
This patch adds the deflateResetKeep() function to retain the sliding
window for the next deflate operation, and fixes an inflateResetKeep()
problem that came from inflate() not updating the window when the
stream completed. This enables constructing and decompressing a series
of concatenated deflate streams where each can depend on the history of
uncompressed data that precedes it.
This generalizes deflateSetDictionary() and inflateSetDictionary() to
permit setting the dictionary in the middle of a stream for raw deflate
and inflate. This in combination with the Keep functions enables a
scheme for updating files block by block with the transmission of
compressed data, where blocks are sent with deflateResetKeep() to
retain history for better compression, and deflateSetDictionary() is
used for blocks already present at the receiver to skip compression but
insert that data in the history, again for better compression. The
corresponding inflate calls are done on the receiver side.
During coverage testing it was discovered that these two lines could
never pull more bits, since the immediately preceding for loop assures
that all of the code's bits are already pulled.
The Microsoft CAB file format compresses each block with completed
deflate streams that depend on the sliding window history of the
previous block in order to decode. inflateResetKeep() does what
inflateReset() does, except the sliding window history from the
previous inflate operation is retained.
A common request has been the ability to compile zlib to require no
other libraries. This --solo option provides that ability. The price
is that the gz*, compress*, and uncompress functions are eliminated,
and that the user must provide memory allocation and free routines to
deflate and inflate when initializing.
Mark Adler