summaryrefslogtreecommitdiff
path: root/thirdparty/minizip/patches
diff options
context:
space:
mode:
authorRémi Verschelde <rverschelde@gmail.com>2022-03-31 14:14:05 +0200
committerRémi Verschelde <rverschelde@gmail.com>2022-03-31 15:19:11 +0200
commit420d0d50bcdc47c793157c2f1e143136eafa6500 (patch)
tree375213d3f3b14f97cb4dd8c8d9ccb4e54ca80105 /thirdparty/minizip/patches
parenta647fb3e623c8e5c14427c2631ee61f132951709 (diff)
zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib. Preliminary assessment doesn't show Godot as affected since we don't seem to call `deflate` with the problematic parameters, but the extent of the vulnerability is not fully clear upstream yet.
Diffstat (limited to 'thirdparty/minizip/patches')
-rw-r--r--thirdparty/minizip/patches/godot-seek.patch294
-rw-r--r--thirdparty/minizip/patches/unbreak-gentoo.patch27
2 files changed, 321 insertions, 0 deletions
diff --git a/thirdparty/minizip/patches/godot-seek.patch b/thirdparty/minizip/patches/godot-seek.patch
new file mode 100644
index 0000000000..24838c252a
--- /dev/null
+++ b/thirdparty/minizip/patches/godot-seek.patch
@@ -0,0 +1,294 @@
+diff --git a/thirdparty/minizip/ioapi.c b/thirdparty/minizip/ioapi.c
+index d666e5a228..db4c33b4b9 100644
+--- a/thirdparty/minizip/ioapi.c
++++ b/thirdparty/minizip/ioapi.c
+@@ -80,8 +80,15 @@ void fill_zlib_filefunc64_32_def_from_filefunc32(zlib_filefunc64_32_def* p_filef
+ p_filefunc64_32->zfile_func64.opaque = p_filefunc32->opaque;
+ p_filefunc64_32->zseek32_file = p_filefunc32->zseek_file;
+ p_filefunc64_32->ztell32_file = p_filefunc32->ztell_file;
++ /* GODOT start */
++ p_filefunc64_32->zfile_func64.alloc_mem = p_filefunc32->alloc_mem;
++ p_filefunc64_32->zfile_func64.free_mem = p_filefunc32->free_mem;
++ /* GODOT end */
+ }
+
++/* GODOT start */
++/*
++// GODOT end
+
+
+ static voidpf ZCALLBACK fopen_file_func OF((voidpf opaque, const char* filename, int mode));
+@@ -255,3 +262,6 @@ void fill_fopen64_filefunc (zlib_filefunc64_def* pzlib_filefunc_def)
+ pzlib_filefunc_def->zerror_file = ferror_file_func;
+ pzlib_filefunc_def->opaque = NULL;
+ }
++// GODOT start
++*/
++/* GODOT end */
+diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
+index 114bfab762..2f24a5b6a0 100644
+--- a/thirdparty/minizip/ioapi.h
++++ b/thirdparty/minizip/ioapi.h
+@@ -155,6 +155,10 @@ typedef struct zlib_filefunc_def_s
+ close_file_func zclose_file;
+ testerror_file_func zerror_file;
+ voidpf opaque;
++ /* GODOT start */
++ alloc_func alloc_mem;
++ free_func free_mem;
++ /* GODOT end */
+ } zlib_filefunc_def;
+
+ typedef ZPOS64_T (ZCALLBACK *tell64_file_func) OF((voidpf opaque, voidpf stream));
+@@ -171,6 +175,10 @@ typedef struct zlib_filefunc64_def_s
+ close_file_func zclose_file;
+ testerror_file_func zerror_file;
+ voidpf opaque;
++ /* GODOT start */
++ alloc_func alloc_mem;
++ free_func free_mem;
++ /* GODOT end */
+ } zlib_filefunc64_def;
+
+ void fill_fopen64_filefunc OF((zlib_filefunc64_def* pzlib_filefunc_def));
+diff --git a/thirdparty/minizip/unzip.c b/thirdparty/minizip/unzip.c
+index 5e12e47474..3b191e827c 100644
+--- a/thirdparty/minizip/unzip.c
++++ b/thirdparty/minizip/unzip.c
+@@ -157,6 +157,9 @@ typedef struct
+ uLong compression_method; /* compression method (0==store) */
+ ZPOS64_T byte_before_the_zipfile;/* byte before the zipfile, (>0 for sfx)*/
+ int raw;
++ /* GODOT start */
++ int extra_size;
++ /* GODOT end */
+ } file_in_zip64_read_info_s;
+
+
+@@ -606,9 +609,10 @@ local unzFile unzOpenInternal (const void *path,
+ us.z_filefunc.zseek32_file = NULL;
+ us.z_filefunc.ztell32_file = NULL;
+ if (pzlib_filefunc64_32_def==NULL)
+- fill_fopen64_filefunc(&us.z_filefunc.zfile_func64);
+- else
+- us.z_filefunc = *pzlib_filefunc64_32_def;
++ /* GODOT start */
++ return NULL; // standard i/o not supported
++ us.z_filefunc = *pzlib_filefunc64_32_def;
++ /* GODOT end */
+ us.is64bitOpenFunction = is64bitOpenFunction;
+
+
+@@ -800,6 +804,18 @@ extern unzFile ZEXPORT unzOpen64 (const void *path)
+ return unzOpenInternal(path, NULL, 1);
+ }
+
++/* GODOT start */
++extern void* unzGetOpaque(unzFile file) {
++
++ unz64_s* s;
++ if (file==NULL)
++ return NULL;
++ s=(unz64_s*)file;
++
++ return s->z_filefunc.zfile_func64.opaque;
++};
++/* GODOT end */
++
+ /*
+ Close a ZipFile opened with unzOpen.
+ If there is files inside the .Zip opened with unzOpenCurrentFile (see later),
+@@ -1018,10 +1034,23 @@ local int unz64local_GetCurrentFileInfoInternal (unzFile file,
+
+ if (lSeek!=0)
+ {
++ /* GODOT start */
++ if (lSeek<0) {
++ // WORKAROUND for backwards seeking
++ ZPOS64_T pos = ZTELL64(s->z_filefunc, s->filestream);
++ if (ZSEEK64(s->z_filefunc, s->filestream,pos+(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_SET)==0)
++ lSeek=0;
++ else
++ err=UNZ_ERRNO;
++ } else {
++ /* GODOT end */
+ if (ZSEEK64(s->z_filefunc, s->filestream,(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
+ lSeek=0;
+ else
+ err=UNZ_ERRNO;
++ /* GODOT start */
++ }
++ /* GODOT end */
+ }
+
+ while(acc < file_info.size_file_extra)
+@@ -1575,8 +1604,10 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+ }
+ else if ((s->cur_file_info.compression_method==Z_DEFLATED) && (!raw))
+ {
+- pfile_in_zip_read_info->stream.zalloc = (alloc_func)0;
+- pfile_in_zip_read_info->stream.zfree = (free_func)0;
++ /* GODOT start */
++ pfile_in_zip_read_info->stream.zalloc = s->z_filefunc.zfile_func64.alloc_mem;
++ pfile_in_zip_read_info->stream.zfree = s->z_filefunc.zfile_func64.free_mem;
++ /* GODOT end */
+ pfile_in_zip_read_info->stream.opaque = (voidpf)0;
+ pfile_in_zip_read_info->stream.next_in = 0;
+ pfile_in_zip_read_info->stream.avail_in = 0;
+@@ -1608,6 +1639,9 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+ iSizeVar;
+
+ pfile_in_zip_read_info->stream.avail_in = (uInt)0;
++ /* GODOT start */
++ pfile_in_zip_read_info->extra_size = iSizeVar;
++ /* GODOT end */
+
+ s->pfile_in_zip_read = pfile_in_zip_read_info;
+ s->encrypted = 0;
+@@ -1638,6 +1672,85 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+ return UNZ_OK;
+ }
+
++/* GODOT start */
++extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos) {
++
++ unz64_s* s;
++ file_in_zip64_read_info_s* pfile_in_zip_read_info;
++ if (file==NULL)
++ return UNZ_PARAMERROR;
++ s=(unz64_s*)file;
++ pfile_in_zip_read_info=s->pfile_in_zip_read;
++
++ if (pfile_in_zip_read_info==NULL)
++ return UNZ_PARAMERROR;
++
++ if (pfile_in_zip_read_info->compression_method==Z_BZIP2ED) { // don't know how to support bzip
++ return UNZ_INTERNALERROR;
++ }
++
++ if ((pfile_in_zip_read_info->compression_method==0) || (pfile_in_zip_read_info->raw)) {
++
++ pfile_in_zip_read_info->rest_read_compressed =
++ s->cur_file_info.compressed_size - pos;
++ pfile_in_zip_read_info->rest_read_uncompressed =
++ s->cur_file_info.uncompressed_size - pos;
++
++ pfile_in_zip_read_info->pos_in_zipfile =
++ s->cur_file_info_internal.offset_curfile + SIZEZIPLOCALHEADER +
++ pfile_in_zip_read_info->extra_size + pos;
++
++ pfile_in_zip_read_info->stream.avail_in = (uInt)0;
++ pfile_in_zip_read_info->stream.total_out = pos;
++
++ return ZSEEK64(pfile_in_zip_read_info->z_filefunc,
++ pfile_in_zip_read_info->filestream,
++ pfile_in_zip_read_info->byte_before_the_zipfile + pfile_in_zip_read_info->pos_in_zipfile,
++ ZLIB_FILEFUNC_SEEK_SET);
++
++ } else { // gzip
++
++ if (pos < pfile_in_zip_read_info->stream.total_out) { // negative seek, rewind
++
++ pfile_in_zip_read_info->rest_read_compressed =
++ s->cur_file_info.compressed_size ;
++ pfile_in_zip_read_info->rest_read_uncompressed =
++ s->cur_file_info.uncompressed_size ;
++
++ pfile_in_zip_read_info->pos_in_zipfile =
++ s->cur_file_info_internal.offset_curfile + SIZEZIPLOCALHEADER +
++ pfile_in_zip_read_info->extra_size;
++
++ (void)inflateReset(&pfile_in_zip_read_info->stream);
++
++ pfile_in_zip_read_info->stream.avail_in = (uInt)0;
++ pfile_in_zip_read_info->stream.total_out = 0;
++ pfile_in_zip_read_info->stream.next_in = 0;
++ }
++
++ // not sure where to read, so read on the stack
++ {
++ char buf[512];
++ int to_read = pos - pfile_in_zip_read_info->stream.total_out;
++ while (to_read) {
++
++ int len = to_read > sizeof(buf)?sizeof(buf):to_read;
++ int read = unzReadCurrentFile(file, buf, len);
++ if (read < 0) {
++ return read;
++ }
++ to_read -= read;
++ if (read == UNZ_EOF) {
++ return pos;
++ }
++ }
++ }
++ }
++
++ return pos;
++}
++/* GODOT end */
++
+ extern int ZEXPORT unzOpenCurrentFile (unzFile file)
+ {
+ return unzOpenCurrentFile3(file, NULL, NULL, 0, NULL);
+diff --git a/thirdparty/minizip/unzip.h b/thirdparty/minizip/unzip.h
+index 6f95e94d75..71a7d89692 100644
+--- a/thirdparty/minizip/unzip.h
++++ b/thirdparty/minizip/unzip.h
+@@ -202,6 +202,10 @@ extern int ZEXPORT unzClose OF((unzFile file));
+ these files MUST be closed with unzCloseCurrentFile before call unzClose.
+ return UNZ_OK if there is no problem. */
+
++/* GODOT start */
++extern void* unzGetOpaque(unzFile file);
++/* GODOT end */
++
+ extern int ZEXPORT unzGetGlobalInfo OF((unzFile file,
+ unz_global_info *pglobal_info));
+
+@@ -390,6 +394,13 @@ extern int ZEXPORT unzReadCurrentFile OF((unzFile file,
+ (UNZ_ERRNO for IO error, or zLib error for uncompress error)
+ */
+
++/* GODOT start */
++extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos);
++/*
++ Seek to position in uncompressed data
++*/
++/* GODOT end */
++
+ extern z_off_t ZEXPORT unztell OF((unzFile file));
+
+ extern ZPOS64_T ZEXPORT unztell64 OF((unzFile file));
+diff --git a/thirdparty/minizip/zip.c b/thirdparty/minizip/zip.c
+index 4e611e1163..6d1c26d9f8 100644
+--- a/thirdparty/minizip/zip.c
++++ b/thirdparty/minizip/zip.c
+@@ -854,9 +854,11 @@ extern zipFile ZEXPORT zipOpen3 (const void *pathname, int append, zipcharpc* gl
+
+ ziinit.z_filefunc.zseek32_file = NULL;
+ ziinit.z_filefunc.ztell32_file = NULL;
+- if (pzlib_filefunc64_32_def==NULL)
+- fill_fopen64_filefunc(&ziinit.z_filefunc.zfile_func64);
+- else
++ /* GODOT start */
++ if (pzlib_filefunc64_32_def==NULL) {
++ //fill_fopen64_filefunc(&ziinit.z_filefunc.zfile_func64);
++ } else
++ /* GODOT end */
+ ziinit.z_filefunc = *pzlib_filefunc64_32_def;
+
+ ziinit.filestream = ZOPEN64(ziinit.z_filefunc,
+@@ -1211,8 +1213,10 @@ extern int ZEXPORT zipOpenNewFileInZip4_64 (zipFile file, const char* filename,
+ {
+ if(zi->ci.method == Z_DEFLATED)
+ {
+- zi->ci.stream.zalloc = (alloc_func)0;
+- zi->ci.stream.zfree = (free_func)0;
++ /* GODOT start */
++ zi->ci.stream.zalloc = zi->z_filefunc.zfile_func64.alloc_mem;
++ zi->ci.stream.zfree = zi->z_filefunc.zfile_func64.free_mem;
++ /* GODOT end */
+ zi->ci.stream.opaque = (voidpf)0;
+
+ if (windowBits>0)
diff --git a/thirdparty/minizip/patches/unbreak-gentoo.patch b/thirdparty/minizip/patches/unbreak-gentoo.patch
new file mode 100644
index 0000000000..9292e32ac6
--- /dev/null
+++ b/thirdparty/minizip/patches/unbreak-gentoo.patch
@@ -0,0 +1,27 @@
+diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
+index f25ab6464..6043d34ce 100644
+--- a/thirdparty/minizip/ioapi.h
++++ b/thirdparty/minizip/ioapi.h
+@@ -44,6 +44,22 @@
+ #include <stdlib.h>
+ #include "zlib.h"
+
++/* GODOT start */
++/* Mighty Gentoo saves the day by breaking the API of their zlib.h,
++ * removing this definition of OF(args) for no practical reason
++ * worth breaking compatibility with all projects that embed minizip
++ * while trying not to diverge too much from upstream zlib.
++ * Cf. https://github.com/godotengine/godot/issues/10539
++ *
++ * "By and large, this is good open source behaviour, and fits with
++ * the gentoo _don't fuck with upstream's releases_ philosophy"
++ * -- Gentoo philosopher
++ */
++#ifndef OF /* function prototypes */
++ #define OF(args) args
++#endif
++/* GODOT end */
++
+ #if defined(USE_FILE32API)
+ #define fopen64 fopen
+ #define ftello64 ftell
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 09:20:32 +0000