ref: 52f98baf9162f841e69d23a9fd5d3dd707310842
parent: 5c797740cb2c9e6dd6a86f3829e1ff0ef029f5e3
author: menno <menno>
date: Thu Mar 28 14:53:34 EST 2002
Updated ZLib version to avoid possible security bug
--- a/common/id3lib/zlib/include/deflate.h
+++ b/common/id3lib/zlib/include/deflate.h
@@ -1,5 +1,5 @@
/* deflate.h -- internal compression state
- * Copyright (C) 1995-1998 Jean-loup Gailly
+ * Copyright (C) 1995-2002 Jean-loup Gailly
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -8,7 +8,7 @@
subject to change. Applications should only use zlib.h.
*/
-/* @(#) $Id: deflate.h,v 1.1 2002/01/21 08:16:22 menno Exp $ */
+/* @(#) $Id: deflate.h,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#ifndef _DEFLATE_H
#define _DEFLATE_H
--- a/common/id3lib/zlib/include/infblock.h
+++ b/common/id3lib/zlib/include/infblock.h
@@ -1,5 +1,5 @@
/* infblock.h -- header to use infblock.c
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/include/infcodes.h
+++ b/common/id3lib/zlib/include/infcodes.h
@@ -1,5 +1,5 @@
/* infcodes.h -- header to use infcodes.c
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/include/inffast.h
+++ b/common/id3lib/zlib/include/inffast.h
@@ -1,5 +1,5 @@
/* inffast.h -- header to use inffast.c
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/include/inftrees.h
+++ b/common/id3lib/zlib/include/inftrees.h
@@ -1,5 +1,5 @@
/* inftrees.h -- header to use inftrees.c
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/include/infutil.h
+++ b/common/id3lib/zlib/include/infutil.h
@@ -1,5 +1,5 @@
/* infutil.h -- types and macros common to blocks and codes
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/include/zconf.h
+++ b/common/id3lib/zlib/include/zconf.h
@@ -1,9 +1,9 @@
/* zconf.h -- configuration of the zlib compression library
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: zconf.h,v 1.1 2002/01/21 08:16:22 menno Exp $ */
+/* @(#) $Id: zconf.h,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#ifndef _ZCONF_H
#define _ZCONF_H
--- a/common/id3lib/zlib/include/zlib.h
+++ b/common/id3lib/zlib/include/zlib.h
@@ -1,7 +1,7 @@
/* zlib.h -- interface of the 'zlib' general purpose compression library
- version 1.1.3, July 9th, 1998
+ version 1.1.4, March 11th, 2002
- Copyright (C) 1995-1998 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
@@ -37,7 +37,7 @@
extern "C" {#endif
-#define ZLIB_VERSION "1.1.3"
+#define ZLIB_VERSION "1.1.4"
/*
The 'zlib' compression library provides in-memory compression and
--- a/common/id3lib/zlib/include/zutil.h
+++ b/common/id3lib/zlib/include/zutil.h
@@ -1,5 +1,5 @@
/* zutil.h -- internal interface and configuration of the compression library
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -8,7 +8,7 @@
subject to change. Applications should only use zlib.h.
*/
-/* @(#) $Id: zutil.h,v 1.1 2002/01/21 08:16:22 menno Exp $ */
+/* @(#) $Id: zutil.h,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#ifndef _Z_UTIL_H
#define _Z_UTIL_H
--- a/common/id3lib/zlib/src/adler32.c
+++ b/common/id3lib/zlib/src/adler32.c
@@ -1,9 +1,9 @@
/* adler32.c -- compute the Adler-32 checksum of a data stream
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: adler32.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: adler32.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "zlib.h"
--- a/common/id3lib/zlib/src/compress.c
+++ b/common/id3lib/zlib/src/compress.c
@@ -1,9 +1,9 @@
/* compress.c -- compress a memory buffer
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: compress.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: compress.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "zlib.h"
--- a/common/id3lib/zlib/src/crc32.c
+++ b/common/id3lib/zlib/src/crc32.c
@@ -1,9 +1,9 @@
/* crc32.c -- compute the CRC-32 of a data stream
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: crc32.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: crc32.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "zlib.h"
--- a/common/id3lib/zlib/src/deflate.c
+++ b/common/id3lib/zlib/src/deflate.c
@@ -1,5 +1,5 @@
/* deflate.c -- compress data using the deflation algorithm
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -47,12 +47,12 @@
*
*/
-/* @(#) $Id: deflate.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: deflate.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "deflate.h"
const char deflate_copyright[] =
- " deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly ";
+ " deflate 1.1.4 Copyright 1995-2002 Jean-loup Gailly ";
/*
If you use the zlib library in a product, an acknowledgment is welcome
in the documentation of your product. If for some reason you cannot
@@ -242,7 +242,7 @@
windowBits = -windowBits;
}
if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED ||
- windowBits < 8 || windowBits > 15 || level < 0 || level > 9 ||
+ windowBits < 9 || windowBits > 15 || level < 0 || level > 9 ||
strategy < 0 || strategy > Z_HUFFMAN_ONLY) {return Z_STREAM_ERROR;
}
--- a/common/id3lib/zlib/src/gzio.c
+++ b/common/id3lib/zlib/src/gzio.c
@@ -1,11 +1,11 @@
/* gzio.c -- IO on .gz files
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*
* Compile this file with -DNO_DEFLATE to avoid the compression code.
*/
-/* @(#) $Id: gzio.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: gzio.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include <stdio.h>
--- a/common/id3lib/zlib/src/infblock.c
+++ b/common/id3lib/zlib/src/infblock.c
@@ -1,5 +1,5 @@
/* infblock.c -- interpret and process block types to last block
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -249,10 +249,12 @@
&s->sub.trees.tb, s->hufts, z);
if (t != Z_OK)
{- ZFREE(z, s->sub.trees.blens);
r = t;
if (r == Z_DATA_ERROR)
+ {+ ZFREE(z, s->sub.trees.blens);
s->mode = BAD;
+ }
LEAVE
}
s->sub.trees.index = 0;
@@ -313,11 +315,13 @@
t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f),
s->sub.trees.blens, &bl, &bd, &tl, &td,
s->hufts, z);
- ZFREE(z, s->sub.trees.blens);
if (t != Z_OK)
{if (t == (uInt)Z_DATA_ERROR)
+ {+ ZFREE(z, s->sub.trees.blens);
s->mode = BAD;
+ }
r = t;
LEAVE
}
@@ -329,6 +333,7 @@
}
s->sub.decode.codes = c;
}
+ ZFREE(z, s->sub.trees.blens);
s->mode = CODES;
case CODES:
UPDATE
--- a/common/id3lib/zlib/src/infcodes.c
+++ b/common/id3lib/zlib/src/infcodes.c
@@ -1,5 +1,5 @@
/* infcodes.c -- process literals and length/distance pairs
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -196,15 +196,9 @@
Tracevv((stderr, "inflate: distance %u\n", c->sub.copy.dist));
c->mode = COPY;
case COPY: /* o: copying bytes in window, waiting for space */
-#ifndef __TURBOC__ /* Turbo C bug for following expression */
- f = (uInt)(q - s->window) < c->sub.copy.dist ?
- s->end - (c->sub.copy.dist - (q - s->window)) :
- q - c->sub.copy.dist;
-#else
f = q - c->sub.copy.dist;
- if ((uInt)(q - s->window) < c->sub.copy.dist)
- f = s->end - (c->sub.copy.dist - (uInt)(q - s->window));
-#endif
+ while (f < s->window) /* modulo window size-"while" instead */
+ f += s->end - s->window; /* of "if" handles invalid distances */
while (c->len)
{NEEDOUT
--- a/common/id3lib/zlib/src/inffast.c
+++ b/common/id3lib/zlib/src/inffast.c
@@ -1,5 +1,5 @@
/* inffast.c -- process literals and length/distance pairs fast
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -93,28 +93,41 @@
/* do the copy */
m -= c;
- if ((uInt)(q - s->window) >= d) /* offset before dest */
- { /* just copy */- r = q - d;
- *q++ = *r++; c--; /* minimum count is three, */
- *q++ = *r++; c--; /* so unroll loop a little */
- }
- else /* else offset after destination */
+ r = q - d;
+ if (r < s->window) /* wrap if needed */
{- e = d - (uInt)(q - s->window); /* bytes from offset to end */
- r = s->end - e; /* pointer to offset */
- if (c > e) /* if source crosses, */
+ do {+ r += s->end - s->window; /* force pointer in window */
+ } while (r < s->window); /* covers invalid distances */
+ e = s->end - r;
+ if (c > e)
{- c -= e; /* copy to end of window */
+ c -= e; /* wrapped copy */
do {- *q++ = *r++;
+ *q++ = *r++;
} while (--e);
- r = s->window; /* copy rest from start of window */
+ r = s->window;
+ do {+ *q++ = *r++;
+ } while (--c);
}
+ else /* normal copy */
+ {+ *q++ = *r++; c--;
+ *q++ = *r++; c--;
+ do {+ *q++ = *r++;
+ } while (--c);
+ }
}
- do { /* copy all or what's left */- *q++ = *r++;
- } while (--c);
+ else /* normal copy */
+ {+ *q++ = *r++; c--;
+ *q++ = *r++; c--;
+ do {+ *q++ = *r++;
+ } while (--c);
+ }
break;
}
else if ((e & 64) == 0)
--- a/common/id3lib/zlib/src/inflate.c
+++ b/common/id3lib/zlib/src/inflate.c
@@ -1,5 +1,5 @@
/* inflate.c -- zlib interface to inflate modules
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/src/inftrees.c
+++ b/common/id3lib/zlib/src/inftrees.c
@@ -1,5 +1,5 @@
/* inftrees.c -- generate Huffman trees for efficient decoding
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -11,7 +11,7 @@
#endif
const char inflate_copyright[] =
- " inflate 1.1.3 Copyright 1995-1998 Mark Adler ";
+ " inflate 1.1.4 Copyright 1995-2002 Mark Adler ";
/*
If you use the zlib library in a product, an acknowledgment is welcome
in the documentation of your product. If for some reason you cannot
@@ -104,8 +104,7 @@
/* Given a list of code lengths and a maximum table size, make a set of
tables to decode that set of codes. Return Z_OK on success, Z_BUF_ERROR
if the given code set is incomplete (the tables are still built in this
- case), Z_DATA_ERROR if the input is invalid (an over-subscribed set of
- lengths), or Z_MEM_ERROR if not enough memory. */
+ case), or Z_DATA_ERROR if the input is invalid. */
{uInt a; /* counter for codes of length k */
@@ -231,7 +230,7 @@
/* allocate new table */
if (*hn + z > MANY) /* (note: doesn't matter for fixed) */
- return Z_MEM_ERROR; /* not enough memory */
+ return Z_DATA_ERROR; /* overflow of MANY */
u[h] = q = hp + *hn;
*hn += z;
--- a/common/id3lib/zlib/src/infutil.c
+++ b/common/id3lib/zlib/src/infutil.c
@@ -1,5 +1,5 @@
/* inflate_util.c -- data and routines common to blocks and codes
- * Copyright (C) 1995-1998 Mark Adler
+ * Copyright (C) 1995-2002 Mark Adler
* For conditions of distribution and use, see copyright notice in zlib.h
*/
--- a/common/id3lib/zlib/src/trees.c
+++ b/common/id3lib/zlib/src/trees.c
@@ -1,5 +1,5 @@
/* trees.c -- output deflated data using Huffman coding
- * Copyright (C) 1995-1998 Jean-loup Gailly
+ * Copyright (C) 1995-2002 Jean-loup Gailly
* For conditions of distribution and use, see copyright notice in zlib.h
*/
@@ -29,7 +29,7 @@
* Addison-Wesley, 1983. ISBN 0-201-06672-6.
*/
-/* @(#) $Id: trees.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: trees.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
/* #define GEN_TREES_H */
--- a/common/id3lib/zlib/src/uncompr.c
+++ b/common/id3lib/zlib/src/uncompr.c
@@ -1,9 +1,9 @@
/* uncompr.c -- decompress a memory buffer
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: uncompr.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: uncompr.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "zlib.h"
--- a/common/id3lib/zlib/src/zutil.c
+++ b/common/id3lib/zlib/src/zutil.c
@@ -1,9 +1,9 @@
/* zutil.c -- target dependent utility functions for the compression library
- * Copyright (C) 1995-1998 Jean-loup Gailly.
+ * Copyright (C) 1995-2002 Jean-loup Gailly.
* For conditions of distribution and use, see copyright notice in zlib.h
*/
-/* @(#) $Id: zutil.c,v 1.1 2002/01/21 08:16:23 menno Exp $ */
+/* @(#) $Id: zutil.c,v 1.2 2002/03/28 19:53:34 menno Exp $ */
#include "zutil.h"