Skip to content

Fix Windows build#10

Closed
poiru wants to merge 6 commits intomadler:developfrom
poiru:master
Closed

Fix Windows build#10
poiru wants to merge 6 commits intomadler:developfrom
poiru:master

Conversation

@poiru
Copy link
Copy Markdown
Contributor

@poiru poiru commented Mar 22, 2012

Removed the undefined gzflags export, which causes a build failure.

@poiru
Copy link
Copy Markdown
Contributor Author

poiru commented Mar 22, 2012

Let me close this pull request as unwanted commits seem to have been included. I opened pull request #11, which contains (only) the fix.

@poiru poiru closed this Mar 22, 2012
geoff-nixon referenced this pull request in geoff-nixon/zlib May 6, 2016
@Dead2
Merge pull request cloudflare#10 from mtl1979/develop
4668580 
Fix compiling under Visual Studio
sebpop pushed a commit to sebpop/zlib that referenced this pull request Nov 15, 2018
oss-fuzz/11360: clear out s->prev buffer to avoid undefined behavior
d07add4 
this patch fixes a use of uninitialized value discovered by one of the fuzzers
of the oss-fuzz project:
https://github.com/google/oss-fuzz/blob/master/projects/zlib/example_dict_fuzzer.c
clang's memory sanitizer fails with:

==1==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5930dd in slide_hash zlib/deflate.c:222:20
    madler#1 0x589461 in fill_window zlib/deflate.c:1558:13
    madler#2 0x59828f in deflate_rle zlib/deflate.c:2119:13
    madler#3 0x590614 in deflate zlib/deflate.c:1045:41
    madler#4 0x4a2d56 in test_dict_deflate /src/example_dict_fuzzer.c:79:11
    madler#5 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3
    madler#6 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    madler#7 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
    madler#8 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
    madler#9 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    madler#10 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
    madler#11 0x41ed08 in _start
  Uninitialized value was created by a heap allocation
    #0 0x45fa10 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:911
    madler#1 0x586920 in deflateInit2_ zlib/deflate.c:320:27
    madler#2 0x4a2a24 in test_dict_deflate /src/example_dict_fuzzer.c:61:11
    madler#3 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3
    madler#4 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    madler#5 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
    madler#6 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
    madler#7 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    madler#8 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
@sebpop sebpop mentioned this pull request Nov 15, 2018
Closed
hzhuang1 pushed a commit to Linaro/warpdrive-zlib that referenced this pull request Jul 31, 2019
@Dead2
fix madler#197, oss-fuzz/10036: only write 4 bytes per iteration in d…
11989c9 
…eflate_quick

by aggregating the two consecutive values to be written by static_emit_ptr to
s->pending_buf and writing the two values at once in a 4 byte store, we avoid
running out of the allocated buffer. We used to call quick_send_bits twice and
bumped the counter s->pending in the first call, which made the second call
write to memory beyond the safe 4 bytes that were guaranteed by the following
condition in the enclosing loop in deflate_quick:

  if (s->pending + 4 >= s->pending_buf_size) {
    flush_pending(s->strm);

The bug was exposed by the memory sanitizer like so:

MemorySanitizer:DEADLYSIGNAL
--
  | ==1==ERROR: MemorySanitizer: SEGV on unknown address 0x730000020000 (pc 0x0000005b6ce4 bp 0x7fff59adb5e0 sp 0x7fff59adb570 T1)
  | ==1==The signal is caused by a WRITE memory access.
  | #0 0x5b6ce3 in quick_send_bits zlib-ng/arch/x86/deflate_quick.c:134:48
  | madler#1 0x5b5752 in deflate_quick zlib-ng/arch/x86/deflate_quick.c:243:21
  | madler#2 0x590a15 in zng_deflate zlib-ng/deflate.c:952:18
  | madler#3 0x587165 in zng_compress2 zlib-ng/compress.c:59:15
  | madler#4 0x5866d3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:22:3
  | madler#5 0x5862d8 in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:74:3
  | madler#6 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  | madler#7 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  | madler#8 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  | madler#9 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  | madler#10 0x7fb8919b082f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
  | madler#11 0x41ec68 in _start
  | MemorySanitizer can not provide additional info.
  | SUMMARY: MemorySanitizer: SEGV (/mnt/scratch0/clusterfuzz/slave-bot/builds/clusterfuzz-builds_zlib-ng_7ead0a3e4980f024583384fd355b6e3ddd4b2ca2/revisions/compress_fuzzer+0x5b6ce3)
hzhuang1 pushed a commit to Linaro/warpdrive-zlib that referenced this pull request Jul 31, 2019
@Dead2
fix bugs madler#186 and madler#191, oss-fuzz/9831: use-of-uninitializ…
cf1e67e 
…ed-value

==1==WARNING: MemorySanitizer: use-of-uninitialized-value
  #0 0x59fa93 in deflate_medium zlib-ng/deflate_medium.c:259:21
  madler#1 0x590905 in zng_deflate zlib-ng/deflate.c:951:18
  madler#2 0x587095 in zng_compress2 zlib-ng/compress.c:59:15
  madler#3 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3
  madler#4 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3
  madler#5 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  madler#6 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  madler#7 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  madler#8 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  madler#9 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
  madler#10 0x41ec68 in _start
Uninitialized value was created by a heap allocation
  #0 0x45f2a0 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:910
  madler#1 0x587d42 in zng_deflateInit2_ zlib-ng/deflate.c:284:27
  madler#2 0x5874fa in zng_deflateInit_ zlib-ng/deflate.c:224:12
  madler#3 0x586c95 in zng_compress2 zlib-ng/compress.c:41:11
  madler#4 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3
  madler#5 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3
  madler#6 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  madler#7 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  madler#8 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  madler#9 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  madler#10 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
hzhuang1 pushed a commit to Linaro/warpdrive-zlib that referenced this pull request Jul 31, 2019
@Dead2
fix bug madler#192, oss-fuzz/9827 : MemorySanitizer:DEADLYSIGNAL
29b6ab4 
==4908==ERROR: MemorySanitizer: SEGV on unknown address 0x730fffffffff (pc 0x0000004b1b97 bp 0x7ffd4bf59a00 sp 0x7ffd4bf598a0 T4908)
==4908==The signal is caused by a READ memory access.
  #0 0x5a0599 in fizzle_matches zlib-ng/deflate_medium.c:168:12
  madler#1 0x59ea27 in deflate_medium zlib-ng/deflate_medium.c:296:21
  madler#2 0x5901c5 in zng_deflate zlib-ng/deflate.c:951:18
  madler#3 0x586955 in zng_compress2 zlib-ng/compress.c:59:15
  madler#4 0x5861eb in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:18:3
  madler#5 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15
  madler#6 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
  madler#7 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9
  madler#8 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10
  madler#9 0x7fa3d7ff582f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
  madler#10 0x41ec68 in _start
nmoinvaz pushed a commit to nmoinvaz/zlib that referenced this pull request May 2, 2020
@tomaszmduda @vkrasnov
Correctly check architecture on FreeBSD (madler#10)
634a6b9 
On FreeBSD amd64 is named... 'amd64', not 'x86_64'. This is what
'uname -m' prints.
jinfeihan57 pushed a commit to minchai23/zlib that referenced this pull request Sep 15, 2020
@cpupreme @kuba--
zip_extract: handle directories within zip files (madler#10)
faf26db 
Thanks!
Lecrapouille pushed a commit to Lecrapouille/zlib that referenced this pull request Sep 5, 2021
@Lecrapouille
oss-fuzz/11360: clear out s->prev buffer to avoid undefined behavior
b0f57e3 
this patch fixes a use of uninitialized value discovered by one of the fuzzers
of the oss-fuzz project:
https://github.com/google/oss-fuzz/blob/master/projects/zlib/example_dict_fuzzer.c
clang's memory sanitizer fails with:

==1==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5930dd in slide_hash zlib/deflate.c:222:20
    madler#1 0x589461 in fill_window zlib/deflate.c:1558:13
    madler#2 0x59828f in deflate_rle zlib/deflate.c:2119:13
    madler#3 0x590614 in deflate zlib/deflate.c:1045:41
    madler#4 0x4a2d56 in test_dict_deflate /src/example_dict_fuzzer.c:79:11
    madler#5 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3
    madler#6 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    madler#7 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
    madler#8 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
    madler#9 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    madler#10 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
    madler#11 0x41ed08 in _start
  Uninitialized value was created by a heap allocation
    #0 0x45fa10 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:911
    madler#1 0x586920 in deflateInit2_ zlib/deflate.c:320:27
    madler#2 0x4a2a24 in test_dict_deflate /src/example_dict_fuzzer.c:61:11
    madler#3 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3
    madler#4 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    madler#5 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
    madler#6 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
    madler#7 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10
    madler#8 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
RytoEX pushed a commit to RytoEX/zlib that referenced this pull request Nov 10, 2022
@JeromeMartinez
Merge pull request madler#10 from JeromeMartinez/VC16
de72d39 
VC16 project files
@wangzengliang123 wangzengliang123 mentioned this pull request Feb 5, 2026
Closed
blitzy bot pushed a commit to Blitzy-Sandbox/blitzy-zlib that referenced this pull request Feb 25, 2026
@blitzyai
Fix 12 code review findings (Checkpoint 3): inflate BufError/double-c…
c6ec23d 
…ount/buffer continuity, detect_data_type propagation, constant dedup, gz/read workaround removal

Resolved all 12 findings from Checkpoint 3 review:

MAJOR fixes:
- #1: detect_data_type() result now stored in DeflateState.data_type and
  propagated to stream.data_type via flush_block_only (trees.rs, state.rs, algorithm.rs)
- madler#6: BufError logic flattened to match C inflate.c L1150 exactly (inflate/mod.rs)
- madler#7: Check mode double-counting fixed with out_start=left reset matching C L1081
- madler#8: Removed avail_out==0 StreamError guard to allow header-only processing
- madler#9: inflate_fast now shares output_buf with slow path (start=0), fixing
  back-reference continuity across slow-to-fast transitions

MINOR fixes:
- #2: Added debug_assert to put_short/put_byte for buffer overflow detection
- madler#3: Removed unused TOO_FAR from hash.rs
- madler#4: Consolidated MIN_LOOKAHEAD to deflate/mod.rs, imported in submodules
- madler#10: Documented borrow-checker input copy requirement in inflate
- madler#11: inflate_get_header takes Box<GzHeader>; added header()/header_mut() accessors

INFO fixes:
- madler#5: Documented allocation strategy in flush_block_only; added capacity hints
- madler#12: Removed INFLATE_SAFE_OUT=257 workaround in gz/read.rs

FFI layer updated to Box::new() header in inflateGetHeader wrapper.
All 269 tests pass, zero new compilation errors, zero new clippy violations.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@poiru