!53 [sync] PR-51: downgrade to zlib-1.2.13

From: @openeuler-sync-bot Reviewed-by: @znzjugod Signed-off-by: @znzjugod
2024-05-15 03:25:30 +00:00 · 2024-05-15 03:25:30 +00:00 · e9e8e63fc7
commit e9e8e63fc7
parent 20d8ac9247 2055783c70
6 changed files with 75 additions and 27 deletions
--- a/backport-CVE-2023-45853.patch
+++ b/backport-CVE-2023-45853.patch
@ -0,0 +1,39 @@
+From 73331a6a0481067628f065ffe87bb1d8f787d10c Mon Sep 17 00:00:00 2001
+From: Hans Wennborg <hans@chromium.org>
+Date: Fri, 18 Aug 2023 11:05:33 +0200
+Subject: [PATCH] Reject overflows of zip header fields in minizip.
+
+This checks the lengths of the file name, extra field, and comment
+that would be put in the zip headers, and rejects them if they are
+too long. They are each limited to 65535 bytes in length by the zip
+format. This also avoids possible buffer overflows if the provided
+fields are too long.
+---
+ contrib/minizip/zip.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/contrib/minizip/zip.c b/contrib/minizip/zip.c
+index 3d3d4ca..0446109 100644
+--- a/contrib/minizip/zip.c
+++ b/contrib/minizip/zip.c
+@@ -1043,6 +1043,17 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c
+       return ZIP_PARAMERROR;
+ #endif
+ 
+    // The filename and comment length must fit in 16 bits.
+    if ((filename!=NULL) && (strlen(filename)>0xffff))
+        return ZIP_PARAMERROR;
+    if ((comment!=NULL) && (strlen(comment)>0xffff))
+        return ZIP_PARAMERROR;
+    // The extra field length must fit in 16 bits. If the member also requires
+    // a Zip64 extra block, that will also need to fit within that 16-bit
+    // length, but that will be checked for later.
+    if ((size_extrafield_local>0xffff) || (size_extrafield_global>0xffff))
+        return ZIP_PARAMERROR;
+
+     zi = (zip64_internal*)file;
+ 
+     if (zi->in_opened_file_inzip == 1)
+-- 
+2.41.0.windows.3
+
--- a/zlib-1.2.11-SIMD.patch
+++ b/zlib-1.2.11-SIMD.patch
@ -9,17 +9,17 @@ The inflate and deflate processes of the Zlib library provided by the JDK are op
 ---
 CMakeLists.txt |   6 +
 adler32.c      | 169 +++++++++++++++++++++-
- deflate.c      |  21 ++-
- inffast.c      |  58 ++++++++
+ deflate.c      |  22 ++-
+ inffast.c      |  62 ++++++++-
 inffast.h      | 370 +++++++++++++++++++++++++++++++++++++++++++++++++
 inflate.c      |   7 +
- 6 files changed, 624 insertions(+), 7 deletions(-)
+ 6 files changed, 627 insertions(+), 9 deletions(-)

 diff --git a/CMakeLists.txt b/CMakeLists.txt
 index b412dc7..40dc533 100644
 --- a/CMakeLists.txt
 +++ b/CMakeLists.txt
-@@ -128,6 +128,12 @@ if(NOT MINGW)
+@@ -126,6 +126,12 @@ if(NOT MINGW)
     )
 endif()
 
@ -36,7 +36,7 @@ diff --git a/adler32.c b/adler32.c
 index d0be438..6ced75d 100644
 --- a/adler32.c
 +++ b/adler32.c
-@@ -57,11 +57,178 @@
+@@ -59,7 +59,169 @@ local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2));
 #  define MOD63(a) a %= BASE
 #endif
 
@ -204,7 +204,10 @@ index d0be438..6ced75d 100644
 +}
 +#endif
 +
- uLong ZEXPORT adler32_z(uLong adler, const Bytef *buf, z_size_t len) {
+ uLong ZEXPORT adler32_z(adler, buf, len)
+     uLong adler;
+     const Bytef *buf;
+@@ -68,6 +230,11 @@ uLong ZEXPORT adler32_z(adler, buf, len)
     unsigned long sum2;
     unsigned n;
 
@ -220,7 +223,7 @@ diff --git a/deflate.c b/deflate.c
 index f290783..31d1cfe 100644
 --- a/deflate.c
 +++ b/deflate.c
-@@ -138,8 +138,16 @@ local const config configuration_table[10] = {
+@@ -154,7 +154,16 @@ local const config configuration_table[10] = {
  *    characters, so that a running hash key can be computed from the previous
  *    key instead of complete recalculation each time.
  */
@ -229,16 +232,16 @@ index f290783..31d1cfe 100644
 +#include <arm_acle.h>
 +#define UPDATE_HASH_CRC_INTERNAL(s, h, c) \
 +       (h = __crc32w(0, (c) & 0xFFFFFF) & ((deflate_state *)s)->hash_mask)
- 
+
 +#define UPDATE_HASH(s, h, c) \
 +    UPDATE_HASH_CRC_INTERNAL(s, h, *(unsigned *)((uintptr_t)(&c) - (MIN_MATCH-1)))
 +#else
 +#define UPDATE_HASH(s,h,c) (h = (((h)<<s->hash_shift) ^ (c)) & s->hash_mask)
 +#endif
 
+ 
 /* ===========================================================================
-  * Insert string str in the dictionary and set match_head to the previous head
-@@ -224,14 +232,15 @@ local unsigned read_buf(z_streamp strm, Bytef *buf, unsigned size) {
+@@ -1226,14 +1235,15 @@ local unsigned read_buf(strm, buf, size)
     strm->avail_in  -= len;
 
     zmemcpy(buf, strm->next_in, len);
@ -263,7 +266,7 @@ diff --git a/inffast.c b/inffast.c
 index 1fec7f3..84c5aba 100644
 --- a/inffast.c
 +++ b/inffast.c
-@@ -54,6 +54,9 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) {
+@@ -57,6 +57,9 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
     unsigned char FAR *out;     /* local strm->next_out */
     unsigned char FAR *beg;     /* inflate()'s initial strm->next_out */
     unsigned char FAR *end;     /* while out < end, enough space available */
@ -273,7 +276,7 @@ index 1fec7f3..84c5aba 100644
 #ifdef INFLATE_STRICT
     unsigned dmax;              /* maximum distance from zlib header */
 #endif
-@@ -86,7 +89,12 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) {
+@@ -89,7 +92,12 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
 #endif
     wsize = state->wsize;
     whave = state->whave;
@ -286,7 +289,7 @@ index 1fec7f3..84c5aba 100644
     window = state->window;
     hold = state->hold;
     bits = state->bits;
-@@ -194,6 +202,45 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) {
+@@ -197,6 +205,45 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
 #endif
                     }
                     from = window;
@ -332,13 +335,14 @@ index 1fec7f3..84c5aba 100644
                     if (wnext == 0) {           /* very common case */
                         from += wsize - op;
                         if (op < len) {         /* some from window */
-@@ -244,8 +291,18 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) {
+@@ -247,8 +294,18 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
                         if (len > 1)
                             *out++ = *from++;
                     }
 +#endif
                 }
-                 else {
+-                else {
+                else { 
 +#if defined(INFLATE_CHUNK_SIMD_NEON)
 +                    /* Whole reference is in range of current output.  No
 +                       range checks are necessary because we start with room
@ -351,10 +355,12 @@ index 1fec7f3..84c5aba 100644
                     from = out - dist;          /* copy direct from output */
                     do {                        /* minimum length is three */
                         *out++ = *from++;
-@@ -258,6 +315,7 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) {
+@@ -260,7 +317,8 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
+                         *out++ = *from++;
                         if (len > 1)
                             *out++ = *from++;
-                     }
+-                    }
+                    }                   
 +#endif
                 }
             }
@ -375,7 +381,7 @@ index e5c1aa4..259882c 100644
 + * input data in 64-bit (8 byte) chunks.
 + */
 +
- void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start);
+ void ZLIB_INTERNAL inflate_fast OF((z_streamp strm, unsigned start));
 +
 +#if defined(INFLATE_CHUNK_SIMD_NEON)
 +
@ -742,7 +748,7 @@ diff --git a/inflate.c b/inflate.c
 index 8acbef4..4e695b1 100644
 --- a/inflate.c
 +++ b/inflate.c
-@@ -373,9 +373,16 @@ local int updatewindow(z_streamp strm, const Bytef *end, unsigned copy) {
+@@ -408,9 +408,16 @@ unsigned copy;
 
     /* if it hasn't been done already, allocate space for the window */
     if (state->window == Z_NULL) {
--- a/zlib-1.2.13.tar.xz
+++ b/zlib-1.2.13.tar.xz
--- a/zlib-1.3.1.tar.xz
+++ b/zlib-1.3.1.tar.xz
--- a/zlib-Optimize-CRC32.patch
+++ b/zlib-Optimize-CRC32.patch
@ -28,7 +28,7 @@ index f8357b0..5c53068 100644
 
  /*
   A CRC of a message is computed on N braids of words in the message, where
-@@ -553,6 +556,50 @@ const z_crc_t FAR * ZEXPORT get_crc_table(void) {
+@@ -600,6 +603,49 @@ const z_crc_t FAR * ZEXPORT get_crc_table()
     return (const z_crc_t FAR *)crc_table;
 }

@ -74,15 +74,14 @@ index f8357b0..5c53068 100644
 +    return (crc_result ^ 0xffffffffL);
 +}
 +#endif
-+
 +
 /* =========================================================================
  * Use ARM machine instructions if available. This will compute the CRC about
  * ten times faster than the braided calculation. This code does not check for
-@@ -581,6 +628,10 @@ unsigned long ZEXPORT crc32_z(unsigned long crc, const unsigned char FAR *buf,
-     z_size_t last, last2, i;
-     z_size_t num;
- 
+@@ -750,6 +794,10 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
+     const unsigned char FAR *buf;
+     z_size_t len;
+ {
 +    #ifdef __aarch64__
 +    return crc32_neon(crc, buf, len);
 +    #endif
--- a/zlib.spec
+++ b/zlib.spec
@ -1,6 +1,6 @@
 Name:             zlib
-Version:          1.3.1
-Release:          1
+Version:          1.2.13
+Release:          2
 Summary:          A lossless data-compression library
 License:          zlib and Boost
 URL:              http://www.zlib.net
@ -9,6 +9,7 @@ Source0:          http://www.zlib.net/zlib-%{version}.tar.xz
 # Patch0 get from fedora
 Patch6000:	backport-zlib-1.2.5-minizip-fixuncrypt.patch
 Patch6001:	backport-fix-undefined-buffer-detected-by-oss-fuzz.patch
+Patch6002:  backport-CVE-2023-45853.patch

 Patch9000:	zlib-Optimize-CRC32.patch
 Patch9001:	zlib-1.2.11-SIMD.patch
@ -112,6 +113,9 @@ make test
 %{_libdir}/pkgconfig/minizip.pc

 %changelog
+* Thu May 14 2024 zhoupengcheng <zhoupengcheng11@huawei.com> - 1.2.13-2
+- downgrade to zlib-1.2.13
+
 * Wed Feb 21 2024 liweigang <izmirvii@gmail.com> - 1.3.1-1
 - update to version zlib-1.3.1