seedlingattempt/godot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

zlib/minizip: Update to version 1.2.12

Browse Source 
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.
This commit is contained in:
Rémi Verschelde
2022-03-31 14:14:05 +02:00
parent a647fb3e62
commit 420d0d50bc
27 changed files with 10912 additions and 1114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
thirdparty/minizip/unzip.c vendored
View File

@ -458,7 +458,7 @@ local ZPOS64_T unz64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_f
if (((*(buf+i))==0x50) && ((*(buf+i+1))==0x4b) &&
((*(buf+i+2))==0x05) && ((*(buf+i+3))==0x06))
{
uPosFound = uReadPos+i;
uPosFound = uReadPos+(unsigned)i;
break;
}
@ -526,7 +526,7 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
if (((*(buf+i))==0x50) && ((*(buf+i+1))==0x4b) &&
((*(buf+i+2))==0x06) && ((*(buf+i+3))==0x07))
{
uPosFound = uReadPos+i;
uPosFound = uReadPos+(unsigned)i;
break;
}
@ -869,13 +869,13 @@ local void unz64local_DosDateToTmuDate (ZPOS64_T ulDosDate, tm_unz* ptm)
{
ZPOS64_T uDate;
uDate = (ZPOS64_T)(ulDosDate>>16);
ptm->tm_mday = (uInt)(uDate&0x1f) ;
ptm->tm_mon = (uInt)((((uDate)&0x1E0)/0x20)-1) ;
ptm->tm_year = (uInt)(((uDate&0x0FE00)/0x0200)+1980) ;
ptm->tm_mday = (int)(uDate&0x1f) ;
ptm->tm_mon = (int)((((uDate)&0x1E0)/0x20)-1) ;
ptm->tm_year = (int)(((uDate&0x0FE00)/0x0200)+1980) ;
ptm->tm_hour = (uInt) ((ulDosDate &0xF800)/0x800);
ptm->tm_min = (uInt) ((ulDosDate&0x7E0)/0x20) ;
ptm->tm_sec = (uInt) (2*(ulDosDate&0x1f)) ;
ptm->tm_hour = (int) ((ulDosDate &0xF800)/0x800);
ptm->tm_min = (int) ((ulDosDate&0x7E0)/0x20) ;
ptm->tm_sec = (int) (2*(ulDosDate&0x1f)) ;
}
/*
@ -1009,7 +1009,7 @@ local int unz64local_GetCurrentFileInfoInternal (unzFile file,
if (lSeek!=0)
{
if (ZSEEK64(s->z_filefunc, s->filestream,lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
if (ZSEEK64(s->z_filefunc, s->filestream,(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
lSeek=0;
else
err=UNZ_ERRNO;
@ -1037,17 +1037,20 @@ local int unz64local_GetCurrentFileInfoInternal (unzFile file,
/* GODOT start */
if (lSeek<0) {
// WORKAROUND for backwards seeking
z_off_t pos = ZTELL64(s->z_filefunc, s->filestream);
if (ZSEEK64(s->z_filefunc, s->filestream,pos+lSeek,ZLIB_FILEFUNC_SEEK_SET)==0)
ZPOS64_T pos = ZTELL64(s->z_filefunc, s->filestream);
if (ZSEEK64(s->z_filefunc, s->filestream,pos+(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_SET)==0)
lSeek=0;
else
err=UNZ_ERRNO;
} else {
if (ZSEEK64(s->z_filefunc, s->filestream,lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
lSeek=0;
else
err=UNZ_ERRNO;
/* GODOT end */
if (ZSEEK64(s->z_filefunc, s->filestream,(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
lSeek=0;
else
err=UNZ_ERRNO;
/* GODOT start */
}
/* GODOT end */
}
while(acc < file_info.size_file_extra)
@ -1116,7 +1119,7 @@ local int unz64local_GetCurrentFileInfoInternal (unzFile file,
if (lSeek!=0)
{
if (ZSEEK64(s->z_filefunc, s->filestream,lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
if (ZSEEK64(s->z_filefunc, s->filestream,(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
lSeek=0;
else
err=UNZ_ERRNO;
@ -1684,7 +1687,7 @@ extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos) {
if (pfile_in_zip_read_info->compression_method==Z_BZIP2ED) { // don't know how to support bzip
return UNZ_INTERNALERROR;
};
}
if ((pfile_in_zip_read_info->compression_method==0) || (pfile_in_zip_read_info->raw)) {
@ -1723,7 +1726,7 @@ extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos) {
pfile_in_zip_read_info->stream.avail_in = (uInt)0;
pfile_in_zip_read_info->stream.total_out = 0;
pfile_in_zip_read_info->stream.next_in = 0;
};
}
// not sure where to read, so read on the stack
{
@ -1735,17 +1738,17 @@ extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos) {
int read = unzReadCurrentFile(file, buf, len);
if (read < 0) {
return read;
};
}
to_read -= read;
if (read == UNZ_EOF) {
return pos;
};
};
};
};
}
}
}
}
return pos;
};
}
/* GODOT end */
extern int ZEXPORT unzOpenCurrentFile (unzFile file)
@ -1877,7 +1880,7 @@ extern int ZEXPORT unzReadCurrentFile (unzFile file, voidp buf, unsigned len)
if ((pfile_in_zip_read_info->stream.avail_in == 0) &&
(pfile_in_zip_read_info->rest_read_compressed == 0))
return (iRead==0) ? UNZ_EOF : iRead;
return (iRead==0) ? UNZ_EOF : (int)iRead;
if (pfile_in_zip_read_info->stream.avail_out <
pfile_in_zip_read_info->stream.avail_in)
@ -1967,6 +1970,9 @@ extern int ZEXPORT unzReadCurrentFile (unzFile file, voidp buf, unsigned len)
err = Z_DATA_ERROR;
uTotalOutAfter = pfile_in_zip_read_info->stream.total_out;
/* Detect overflow, because z_stream.total_out is uLong (32 bits) */
if (uTotalOutAfter<uTotalOutBefore)
uTotalOutAfter += 1LL << 32; /* Add maximum value of uLong + 1 */
uOutThis = uTotalOutAfter-uTotalOutBefore;
pfile_in_zip_read_info->total_out_64 = pfile_in_zip_read_info->total_out_64 + uOutThis;
@ -1981,14 +1987,14 @@ extern int ZEXPORT unzReadCurrentFile (unzFile file, voidp buf, unsigned len)
iRead += (uInt)(uTotalOutAfter - uTotalOutBefore);
if (err==Z_STREAM_END)
return (iRead==0) ? UNZ_EOF : iRead;
return (iRead==0) ? UNZ_EOF : (int)iRead;
if (err!=Z_OK)
break;
}
}
if (err==Z_OK)
return iRead;
return (int)iRead;
return err;
}