Fix mz_zip_reader_extract_to_heap() to read correct sizes

epel9 imports/e9/miniz-2.2.0-2.el9
Petr Písař 3 years ago
parent 557b979c93
commit dd96405eab

@ -0,0 +1,108 @@
From f37c338de59d335e6fee6f5040653a3fe731e825 Mon Sep 17 00:00:00 2001
From: Ozkan Sezer <sezeroz@gmail.com>
Date: Sun, 2 Jan 2022 20:56:56 +0300
Subject: [PATCH] miniz_zip: fix mz_zip_reader_extract_to_heap to read correct
sizes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes: https://github.com/richgel999/miniz/issues/218
Petr Písař: Ported to 2.2.0 from
501a76154940c465bc3e97f7e2d16134021bd8aa and
f3d9e2293bdf9da952747cdd794a4fa83e0e5b24.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
miniz.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/miniz.c b/miniz.c
index 845a107..e32f892 100644
--- a/miniz.c
+++ b/miniz.c
@@ -4385,7 +4385,8 @@ mz_bool mz_zip_reader_locate_file_v2(mz_zip_archive *pZip, const char *pName, co
return mz_zip_set_error(pZip, MZ_ZIP_FILE_NOT_FOUND);
}
-mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
+static
+mz_bool mz_zip_reader_extract_to_mem_no_alloc1(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size, const mz_zip_archive_file_stat *st)
{
int status = TINFL_STATUS_DONE;
mz_uint64 needed_size, cur_file_ofs, comp_remaining, out_buf_ofs = 0, read_buf_size, read_buf_ofs = 0, read_buf_avail;
@@ -4398,6 +4399,9 @@ mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file
if ((!pZip) || (!pZip->m_pState) || ((buf_size) && (!pBuf)) || ((user_read_buf_size) && (!pUser_read_buf)) || (!pZip->m_pRead))
return mz_zip_set_error(pZip, MZ_ZIP_INVALID_PARAMETER);
+ if (st) {
+ file_stat = *st;
+ } else
if (!mz_zip_reader_file_stat(pZip, file_index, &file_stat))
return MZ_FALSE;
@@ -4528,17 +4532,22 @@ mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file
return status == TINFL_STATUS_DONE;
}
+mz_bool mz_zip_reader_extract_to_mem_no_alloc(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
+{
+ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size, NULL);
+}
+
mz_bool mz_zip_reader_extract_file_to_mem_no_alloc(mz_zip_archive *pZip, const char *pFilename, void *pBuf, size_t buf_size, mz_uint flags, void *pUser_read_buf, size_t user_read_buf_size)
{
mz_uint32 file_index;
if (!mz_zip_reader_locate_file_v2(pZip, pFilename, NULL, flags, &file_index))
return MZ_FALSE;
- return mz_zip_reader_extract_to_mem_no_alloc(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size);
+ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, pUser_read_buf, user_read_buf_size, NULL);
}
mz_bool mz_zip_reader_extract_to_mem(mz_zip_archive *pZip, mz_uint file_index, void *pBuf, size_t buf_size, mz_uint flags)
{
- return mz_zip_reader_extract_to_mem_no_alloc(pZip, file_index, pBuf, buf_size, flags, NULL, 0);
+ return mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, buf_size, flags, NULL, 0, NULL);
}
mz_bool mz_zip_reader_extract_file_to_mem(mz_zip_archive *pZip, const char *pFilename, void *pBuf, size_t buf_size, mz_uint flags)
@@ -4548,23 +4557,17 @@ mz_bool mz_zip_reader_extract_file_to_mem(mz_zip_archive *pZip, const char *pFil
void *mz_zip_reader_extract_to_heap(mz_zip_archive *pZip, mz_uint file_index, size_t *pSize, mz_uint flags)
{
- mz_uint64 comp_size, uncomp_size, alloc_size;
- const mz_uint8 *p = mz_zip_get_cdh(pZip, file_index);
+ mz_zip_archive_file_stat file_stat;
+ mz_uint64 alloc_size;
void *pBuf;
if (pSize)
*pSize = 0;
- if (!p)
- {
- mz_zip_set_error(pZip, MZ_ZIP_INVALID_PARAMETER);
+ if (!mz_zip_reader_file_stat(pZip, file_index, &file_stat))
return NULL;
- }
-
- comp_size = MZ_READ_LE32(p + MZ_ZIP_CDH_COMPRESSED_SIZE_OFS);
- uncomp_size = MZ_READ_LE32(p + MZ_ZIP_CDH_DECOMPRESSED_SIZE_OFS);
- alloc_size = (flags & MZ_ZIP_FLAG_COMPRESSED_DATA) ? comp_size : uncomp_size;
+ alloc_size = (flags & MZ_ZIP_FLAG_COMPRESSED_DATA) ? file_stat.m_comp_size : file_stat.m_uncomp_size;
if (((sizeof(size_t) == sizeof(mz_uint32))) && (alloc_size > 0x7FFFFFFF))
{
mz_zip_set_error(pZip, MZ_ZIP_INTERNAL_ERROR);
@@ -4577,7 +4580,7 @@ void *mz_zip_reader_extract_to_heap(mz_zip_archive *pZip, mz_uint file_index, si
return NULL;
}
- if (!mz_zip_reader_extract_to_mem(pZip, file_index, pBuf, (size_t)alloc_size, flags))
+ if (!mz_zip_reader_extract_to_mem_no_alloc1(pZip, file_index, pBuf, (size_t)alloc_size, flags, NULL, 0, &file_stat))
{
pZip->m_pFree(pZip->m_pAlloc_opaque, pBuf);
return NULL;
--
2.34.1
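Review bot: The new `st` parameter of `mz_zip_reader_extract_to_mem_no_alloc1` is copied into `file_stat` unchecked (`file_stat = *st;`), and nothing in the visible lines ties it to `file_index` or `pZip`, so every size the helper uses afterwards is whatever the caller handed in. The only non-NULL caller shown, `mz_zip_reader_extract_to_heap`, passes a stat it has just read for the same index, so this holds today, but the contract should be written above the static helper, for example `/* st, if non-NULL, must be the result of mz_zip_reader_file_stat(pZip, file_index, ...); it is used without re-validation. */`. A cheap guard such as `if (st->m_file_index != file_index) return mz_zip_set_error(pZip, MZ_ZIP_INVALID_PARAMETER);` would enforce that for future internal callers. The `} else` followed by an unbraced `if` on the next line is also easy to misread and would be safer with braces on both arms. The helper's body continues outside the hunks shown, so how `file_stat` is consumed further down is not visible here.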

@ -27,6 +27,9 @@ Patch3: miniz-2.2.0-Fix-MZ_ZIP_GENERAL_PURPOSE_BIT_FLAG_UTF8-not-being-s.pat
# Fix an undefined behaviour in tinfl_decompress(), GH#216, # Fix an undefined behaviour in tinfl_decompress(), GH#216,
# in upstream after 2.2.0. # in upstream after 2.2.0.
Patch4: miniz-2.2.0-tinfl_decompress-avoid-NULL-ptr-arithmetic-UB.patch Patch4: miniz-2.2.0-tinfl_decompress-avoid-NULL-ptr-arithmetic-UB.patch
# Fix mz_zip_reader_extract_to_heap() to read correct sizes, GH#220,
# in upstream after 2.2.0.
Patch5: miniz-2.2.0-miniz_zip-fix-mz_zip_reader_extract_to_heap-to-read-.patch
BuildRequires: coreutils BuildRequires: coreutils
# diffutils for cmp # diffutils for cmp
BuildRequires: diffutils BuildRequires: diffutils
@ -69,6 +72,7 @@ unzip -e '%{SOURCE0}'
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
# Normalize end-of-lines # Normalize end-of-lines
sed -e 's/\r$//' ChangeLog.md > ChangeLog.md.new sed -e 's/\r$//' ChangeLog.md > ChangeLog.md.new
touch -r ChangeLog.md ChangeLog.md.new touch -r ChangeLog.md ChangeLog.md.new
@ -150,6 +154,7 @@ install -m 0644 %{name}.h '%{buildroot}/%{_includedir}'
- Fix an unaligned memory access - Fix an unaligned memory access
- Fix setting MZ_ZIP_GENERAL_PURPOSE_BIT_FLAG_UTF8 - Fix setting MZ_ZIP_GENERAL_PURPOSE_BIT_FLAG_UTF8
- Fix an undefined behaviour in tinfl_decompress() (GH#216) - Fix an undefined behaviour in tinfl_decompress() (GH#216)
- Fix mz_zip_reader_extract_to_heap() to read correct sizes (GH#220)
* Wed Aug 11 2021 Petr Pisar <ppisar@redhat.com> - 2.2.0-1 * Wed Aug 11 2021 Petr Pisar <ppisar@redhat.com> - 2.2.0-1
- 2.2.0 bump - 2.2.0 bump
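Review bot: The spec comment and the changelog entry both cite `GH#220`, while the patch header added by this commit says `Fixes: https://github.com/richgel999/miniz/issues/218`. If 220 is the upstream pull request and 218 the issue, naming both in the comment would make the fix easier to trace, e.g. `# Fix mz_zip_reader_extract_to_heap() to read correct sizes, GH#218 (fixed by GH#220),`; otherwise one of the two numbers needs correcting.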
