1
From: Mike Alexander <mta@umich.edu>
2
Date: Thu, 28 Nov 2013 23:21:23 +0800
3
Subject: Fix a bug loading some compressed files
5
For https://bugzilla.gnome.org/show_bug.cgi?id=712528
6
Related to https://bugzilla.redhat.com/show_bug.cgi?id=877567
8
There is a bug in xzlib.c which causes certain compressed XML files to fail to
9
load correctly. The code in xz_decomp which attempts to verify the checksum
10
and length of the expanded data fails if the checksum or length at the end of
11
the file crosses a 1024 byte boundary. It calls gz_next4 to get those two
12
values. This function uses the stream state in state->zstrm, but calls
13
xz_avail which uses the state->strm stream info. This causes gz_next4 to
14
signal a premature EOF if the data it is fetching crosses a 1024 byte boundary.
16
xzlib.c | 26 ++++++++++++++++++++++----
17
1 file changed, 22 insertions(+), 4 deletions(-)
19
diff --git a/xzlib.c b/xzlib.c
20
index 928bd17..cd045fa 100644
23
@@ -245,6 +245,20 @@ xz_avail(xz_statep state)
29
+xz_avail_zstrm(xz_statep state)
32
+ state->strm.avail_in = state->zstrm.avail_in;
33
+ state->strm.next_in = state->zstrm.next_in;
34
+ ret = xz_avail(state);
35
+ state->zstrm.avail_in = (uInt) state->strm.avail_in;
36
+ state->zstrm.next_in = (Bytef *) state->strm.next_in;
42
is_format_xz(xz_statep state)
44
@@ -314,6 +328,10 @@ is_format_lzma(xz_statep state)
45
#define NEXT() ((strm->avail_in == 0 && xz_avail(state) == -1) ? -1 : \
46
(strm->avail_in == 0 ? -1 : \
47
(strm->avail_in--, *(strm->next_in)++)))
48
+/* Same thing, but from zstrm */
49
+#define NEXTZ() ((strm->avail_in == 0 && xz_avail_zstrm(state) == -1) ? -1 : \
50
+ (strm->avail_in == 0 ? -1 : \
51
+ (strm->avail_in--, *(strm->next_in)++)))
53
/* Get a four-byte little-endian integer and return 0 on success and the value
54
in *ret. Otherwise -1 is returned and *ret is not modified. */
55
@@ -324,10 +342,10 @@ gz_next4(xz_statep state, unsigned long *ret)
57
z_streamp strm = &(state->zstrm);
60
- val += (unsigned) NEXT() << 8;
61
- val += (unsigned long) NEXT() << 16;
64
+ val += (unsigned) NEXTZ() << 8;
65
+ val += (unsigned long) NEXTZ() << 16;
69
val += (unsigned long) ch << 24;