GNU bug report logs - #63848
[PATCH] Incorrect usage of inflate() from zlib in decompress.c

Previous Next

Package: emacs;

Reported by: cortexauth <deepak.takumi.120 <at> gmail.com>

Date: Fri, 2 Jun 2023 15:23:02 UTC

Severity: normal

Tags: patch

Merged with 63831, 63832

Done: Eli Zaretskii <eliz <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 63848 in the body.
You can then email your comments to 63848 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-gnu-emacs <at> gnu.org:
bug#63848; Package emacs. (Fri, 02 Jun 2023 15:23:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to cortexauth <deepak.takumi.120 <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs <at> gnu.org. (Fri, 02 Jun 2023 15:23:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: cortexauth <deepak.takumi.120 <at> gmail.com>
To: "bug-gnu-emacs <at> gnu.org" <bug-gnu-emacs <at> gnu.org>
Subject: [PATCH] Incorrect usage of inflate() from zlib in decompress.c
Date: Fri, 2 Jun 2023 16:44:25 +0530

[Message part 1 (text/html, inline)]
Information forwarded to bug-gnu-emacs <at> gnu.org:
bug#63848; Package emacs. (Fri, 02 Jun 2023 15:35:01 GMT) Full text and rfc822 format available.

Message #8 received at 63848 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: cortexauth <deepak.takumi.120 <at> gmail.com>
Cc: 63848 <at> debbugs.gnu.org
Subject: Re: bug#63848: [PATCH] Incorrect usage of inflate() from zlib in
 decompress.c
Date: Fri, 02 Jun 2023 18:35:18 +0300

merge 63848 63832
thanks

> Date: Fri, 2 Jun 2023 16:44:25 +0530
> From: cortexauth <deepak.takumi.120 <at> gmail.com>
> 
> While building Emacs one of my friends encountered a bug where entering certain commands such as
> `M-x eww RET`
> After some digging in, we found this was because of Z_BUF_ERROR arising in decompress.c:150
> 
> Per the docs (inflate (linuxbase.org)) this happens when either of in or out buffer runs out and there is
> no further possible progress
> 
> The code makes a wrong assumption that IF `stream.avail_out` is zero, we can keep on inflating. It’s
> possible for `stream.avail_in` and `stream.avail_out` to be both zero at the same time (I don’t have a
> minimalistic test case for this yet, but I am sure that one can construct this with some thought)
> 
> Following is the patch for the fix
> 
> --
> --- a/src/decompress.c
> 
> +++ b/src/decompress.c
> 
> @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock)
> 
>         return -1;
> 
>  
> 
>        accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx);
> 
> -    } while (stream.avail_in && !stream.avail_out);
> 
> +    } while (!stream.avail_out);
> 
>  
> 
>    } while (res != Z_STREAM_END);
> --
> 
> This is also my first time contributing so I might have made mistakes in making a good patch (one is
> obviously my incapability to quickly think of minimal test case), so I will appreciate suggestions 

Another duplicate of bug#63832.
Merged 63831 63832 63848. Request was from Eli Zaretskii <eliz <at> gnu.org> to control <at> debbugs.gnu.org. (Fri, 02 Jun 2023 15:35:02 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 06 Jul 2023 11:24:05 GMT) Full text and rfc822 format available.
bug unarchived. Request was from Ulrich Mueller <ulm <at> gentoo.org> to control <at> debbugs.gnu.org. (Tue, 01 Aug 2023 05:37:02 GMT) Full text and rfc822 format available.
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 29 Aug 2023 11:24:05 GMT) Full text and rfc822 format available.
This bug report was last modified 237 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.