gunzip: fix from gzip-1.3.12 for gzip file with all zero length codes

Corresponding changelog from gzip-1.3.12 reads:

"""
2006-12-20  Paul Eggert  <eggert@cs.ucla.edu>
        * inflate.c (huft_build): Fix regression that caused gzip to
        refuse to uncompress null input (all zero length codes).  Problem
        reported by Yiorgos Adamopoulos.  This regression was caused by
        the security patch installed 2006-11-20, which in turn came from
        Debian, which in turn apparently came from Thomas Biege of SuSe.
"""

function                                             old     new   delta
huft_build                                          1176    1216     +40

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2018-02-04 00:15:29 +01:00
parent 0e60a36c92
commit 2598915d43

View File

@ -280,8 +280,8 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current
/* Given a list of code lengths and a maximum table size, make a set of
* tables to decode that set of codes. Return zero on success, one if
* the given code set is incomplete (the tables are still built in this
* case), two if the input is invalid (all zero length codes or an
* oversubscribed set of lengths) - in this case stores NULL in *t.
* case), two if the input is invalid (an oversubscribed set of lengths)
* - in this case stores NULL in *t.
*
* b: code lengths in bits (all assumed <= BMAX)
* n: number of codes (assumed <= N_MAX)
@ -330,8 +330,15 @@ static int huft_build(const unsigned *b, const unsigned n,
p++; /* can't combine with above line (Solaris bug) */
} while (--i);
if (c[0] == n) { /* null input - all zero length codes */
*m = 0;
return 2;
q = xzalloc(3 * sizeof(*q));
//q[0].v.t = NULL;
q[1].e = 99; /* invalid code marker */
q[1].b = 1;
q[2].e = 99; /* invalid code marker */
q[2].b = 1;
*t = q + 1;
*m = 1;
return 0;
}
/* Find minimum and maximum length, bound *m by those */