bug#63848: [PATCH] Incorrect usage of inflate() from zlib in decompress.c

bug#63848: [PATCH] Incorrect usage of inflate() from zlib in decompress.c

[cortexauth]

[-- Attachment #1: Type: text/html, Size: 3177 bytes --]

bug#63848: [PATCH] Incorrect usage of inflate() from zlib in decompress.c

[Eli Zaretskii]

merge 63848 63832
thanks

> Date: Fri, 2 Jun 2023 16:44:25 +0530
> From: cortexauth <deepak.takumi.120@gmail.com>
> 
> While building Emacs one of my friends encountered a bug where entering certain commands such as
> `M-x eww RET`
> After some digging in, we found this was because of Z_BUF_ERROR arising in decompress.c:150
> 
> Per the docs (inflate (linuxbase.org)) this happens when either of in or out buffer runs out and there is
> no further possible progress
> 
> The code makes a wrong assumption that IF `stream.avail_out` is zero, we can keep on inflating. It’s
> possible for `stream.avail_in` and `stream.avail_out` to be both zero at the same time (I don’t have a
> minimalistic test case for this yet, but I am sure that one can construct this with some thought)
> 
> Following is the patch for the fix
> 
> --
> --- a/src/decompress.c
> 
> +++ b/src/decompress.c
> 
> @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock)
> 
>         return -1;
> 
>  
> 
>        accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx);
> 
> -    } while (stream.avail_in && !stream.avail_out);
> 
> +    } while (!stream.avail_out);
> 
>  
> 
>    } while (res != Z_STREAM_END);
> --
> 
> This is also my first time contributing so I might have made mistakes in making a good patch (one is
> obviously my incapability to quickly think of minimal test case), so I will appreciate suggestions 

Another duplicate of bug#63832.