noahbackus/godot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

zlib/minizip: Update to version 1.2.12

Browse Source 
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.
This commit is contained in:
Rémi Verschelde
2022-03-31 14:14:05 +02:00
parent a647fb3e62
commit 420d0d50bc
27 changed files with 10912 additions and 1114 deletions
Download Patch File Download Diff File Expand all files Collapse all files
thirdparty/zlib/inffast.c
Vendored
+14 -14
View File
@@ -70,7 +70,7 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */
code const FAR *dcode; /* local strm->distcode */
unsigned lmask; /* mask for first level of length codes */
unsigned dmask; /* mask for first level of distance codes */
code here; /* retrieved table entry */
code const *here; /* retrieved table entry */
unsigned op; /* code bits, operation, extra bits, or */
/* window position, window bytes to copy */
unsigned len; /* match length, unused bytes */
@@ -107,20 +107,20 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */
hold += (unsigned long)(*in++) << bits;
bits += 8;
}
here = lcode[hold & lmask];
here = lcode + (hold & lmask);
dolen:
op = (unsigned)(here.bits);
op = (unsigned)(here->bits);
hold >>= op;
bits -= op;
op = (unsigned)(here.op);
op = (unsigned)(here->op);
if (op == 0) { /* literal */
Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
Tracevv((stderr, here->val >= 0x20 && here->val < 0x7f ?
"inflate: literal '%c'\n" :
"inflate: literal 0x%02x\n", here.val));
*out++ = (unsigned char)(here.val);
"inflate: literal 0x%02x\n", here->val));
*out++ = (unsigned char)(here->val);
}
else if (op & 16) { /* length base */
len = (unsigned)(here.val);
len = (unsigned)(here->val);
op &= 15; /* number of extra bits */
if (op) {
if (bits < op) {
@@ -138,14 +138,14 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */
hold += (unsigned long)(*in++) << bits;
bits += 8;
}
here = dcode[hold & dmask];
here = dcode + (hold & dmask);
dodist:
op = (unsigned)(here.bits);
op = (unsigned)(here->bits);
hold >>= op;
bits -= op;
op = (unsigned)(here.op);
op = (unsigned)(here->op);
if (op & 16) { /* distance base */
dist = (unsigned)(here.val);
dist = (unsigned)(here->val);
op &= 15; /* number of extra bits */
if (bits < op) {
hold += (unsigned long)(*in++) << bits;
@@ -264,7 +264,7 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */
}
}
else if ((op & 64) == 0) { /* 2nd level distance code */
here = dcode[here.val + (hold & ((1U << op) - 1))];
here = dcode + here->val + (hold & ((1U << op) - 1));
goto dodist;
}
else {
@@ -274,7 +274,7 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */
}
}
else if ((op & 64) == 0) { /* 2nd level length code */
here = lcode[here.val + (hold & ((1U << op) - 1))];
here = lcode + here->val + (hold & ((1U << op) - 1));
goto dolen;
}
else if (op & 32) { /* end-of-block */