Merge pull request #177053 from RaitoBezarius/comprehensive-crc-validation-for-zlib

pyrox.dev / nixpkgs

fork atom

lol

fork atom

authored by

Martin Weinelt and committed by

GitHub 3 years ago bd7d3cbb b03728f0

+57

2 changed files

expand all

pkgs

development

libraries

zlib

comprehensive-crc-validation-for-wrong-implementations.patch

default.nix

+51

pkgs/development/libraries/zlib/comprehensive-crc-validation-for-wrong-implementations.patch

··· 1 + From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001 2 + From: Mark Adler <madler@alumni.caltech.edu> 3 + Date: Wed, 30 Mar 2022 11:14:53 -0700 4 + Subject: [PATCH] Correct incorrect inputs provided to the CRC functions. 5 + 6 + The previous releases of zlib were not sensitive to incorrect CRC 7 + inputs with bits set above the low 32. This commit restores that 8 + behavior, so that applications with such bugs will continue to 9 + operate as before. 10 + --- 11 + crc32.c | 8 ++++---- 12 + 1 file changed, 4 insertions(+), 4 deletions(-) 13 + 14 + diff --git a/crc32.c b/crc32.c 15 + index a1bdce5c2..451887bc7 100644 16 + --- a/crc32.c 17 + +++ b/crc32.c 18 + @@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) 19 + #endif /* DYNAMIC_CRC_TABLE */ 20 + 21 + /* Pre-condition the CRC */ 22 + - crc ^= 0xffffffff; 23 + + crc = (~crc) & 0xffffffff; 24 + 25 + /* Compute the CRC up to a word boundary. */ 26 + while (len && ((z_size_t)buf & 7) != 0) { 27 + @@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) 28 + #endif /* DYNAMIC_CRC_TABLE */ 29 + 30 + /* Pre-condition the CRC */ 31 + - crc ^= 0xffffffff; 32 + + crc = (~crc) & 0xffffffff; 33 + 34 + #ifdef W 35 + 36 + @@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2) 37 + #ifdef DYNAMIC_CRC_TABLE 38 + once(&made, make_crc_table); 39 + #endif /* DYNAMIC_CRC_TABLE */ 40 + - return multmodp(x2nmodp(len2, 3), crc1) ^ crc2; 41 + + return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff); 42 + } 43 + 44 + /* ========================================================================= */ 45 + @@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op) 46 + uLong crc2; 47 + uLong op; 48 + { 49 + - return multmodp(op, crc1) ^ crc2; 50 + + return multmodp(op, crc1) ^ (crc2 & 0xffffffff); 51 + }

pkgs/development/libraries/zlib/default.nix

··· 42 42 43 43 patches = [ 44 44 ./fix-configure-issue-cross.patch 45 + # Starting zlib 1.2.12, zlib is stricter to incorrect CRC inputs 46 + # with bits set above the low 32. 47 + # see https://github.com/madler/zlib/issues/618 48 + # TODO: remove the patch if upstream releases https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2 49 + # see https://github.com/NixOS/nixpkgs/issues/170539 for history. 50 + ./comprehensive-crc-validation-for-wrong-implementations.patch 45 51 ]; 46 52 47 53 strictDeps = true;