zlib/minizip: Update to version 1.2.13, remove zlib from freetype

Security update, fixes CVE-2022-37434 in zlib. Only applications exposing/using `inflateGetHeader()` seem to be affected, which is not our case, so this is not critical for Godot. Remove duplicated copy of zlib in freetype sources to force using the updated version in `thirdparty/zlib/`. Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
author: DeeJayLSP <djlsplays@gmail.com> 2022-11-30 11:16:31 -0300
committer: Rémi Verschelde <rverschelde@gmail.com> 2023-01-07 13:03:06 +0100
commit: 93409b8e64a9bc3c271ab4a7489b59a43bc0d048 (patch)
tree: bdc406e5e4861818ec5b4b9a36c4fa1b9850b3f6 /thirdparty/minizip
parent: 163f6f5fe87d11645e94cd49f41226ab03063e53 (diff)
8 files changed, 26 insertions, 29 deletions
diff --git a/thirdparty/minizip/MiniZip_info.txt b/thirdparty/minizip/MiniZip64_info.txt
index 57d7152420..57d7152420 100644
--- a/thirdparty/minizip/MiniZip_info.txt
+++ b/thirdparty/minizip/MiniZip64_info.txt
diff --git a/thirdparty/minizip/crypt.h b/thirdparty/minizip/crypt.h
index 9da15373d8..1cc41f19d7 100644
--- a/thirdparty/minizip/crypt.h
+++ b/thirdparty/minizip/crypt.h
@@ -85,7 +85,7 @@ static void init_keys(const char* passwd,unsigned long* pkeys,const z_crc_t* pcr
 #define RAND_HEAD_LEN  12
    /* "last resort" source for second part of crypt seed pattern */
 #  ifndef ZCR_SEED2
-#    define ZCR_SEED2 3141592654L       /* use PI as default pattern */
+#    define ZCR_SEED2 3141592654UL      /* use PI as default pattern */
 #  endif
 
 static unsigned crypthead(const char* passwd,       /* password string */
diff --git a/thirdparty/minizip/ioapi.c b/thirdparty/minizip/ioapi.c
index db4c33b4b9..b50db35ac1 100644
--- a/thirdparty/minizip/ioapi.c
+++ b/thirdparty/minizip/ioapi.c
@@ -101,9 +101,9 @@ static int     ZCALLBACK ferror_file_func OF((voidpf opaque, voidpf stream));
 
 static voidpf ZCALLBACK fopen_file_func (voidpf opaque, const char* filename, int mode)
 {
-    (void)opaque;
     FILE* file = NULL;
     const char* mode_fopen = NULL;
+    (void)opaque;
     if ((mode & ZLIB_FILEFUNC_MODE_READWRITEFILTER)==ZLIB_FILEFUNC_MODE_READ)
         mode_fopen = "rb";
     else
@@ -120,9 +120,9 @@ static voidpf ZCALLBACK fopen_file_func (voidpf opaque, const char* filename, in
 
 static voidpf ZCALLBACK fopen64_file_func (voidpf opaque, const void* filename, int mode)
 {
-    (void)opaque;
     FILE* file = NULL;
     const char* mode_fopen = NULL;
+    (void)opaque;
     if ((mode & ZLIB_FILEFUNC_MODE_READWRITEFILTER)==ZLIB_FILEFUNC_MODE_READ)
         mode_fopen = "rb";
     else
@@ -140,24 +140,24 @@ static voidpf ZCALLBACK fopen64_file_func (voidpf opaque, const void* filename,
 
 static uLong ZCALLBACK fread_file_func (voidpf opaque, voidpf stream, void* buf, uLong size)
 {
-    (void)opaque;
     uLong ret;
+    (void)opaque;
     ret = (uLong)fread(buf, 1, (size_t)size, (FILE *)stream);
     return ret;
 }
 
 static uLong ZCALLBACK fwrite_file_func (voidpf opaque, voidpf stream, const void* buf, uLong size)
 {
-    (void)opaque;
     uLong ret;
+    (void)opaque;
     ret = (uLong)fwrite(buf, 1, (size_t)size, (FILE *)stream);
     return ret;
 }
 
 static long ZCALLBACK ftell_file_func (voidpf opaque, voidpf stream)
 {
-    (void)opaque;
     long ret;
+    (void)opaque;
     ret = ftell((FILE *)stream);
     return ret;
 }
@@ -165,17 +165,17 @@ static long ZCALLBACK ftell_file_func (voidpf opaque, voidpf stream)
 
 static ZPOS64_T ZCALLBACK ftell64_file_func (voidpf opaque, voidpf stream)
 {
-    (void)opaque;
     ZPOS64_T ret;
+    (void)opaque;
     ret = (ZPOS64_T)FTELLO_FUNC((FILE *)stream);
     return ret;
 }
 
 static long ZCALLBACK fseek_file_func (voidpf  opaque, voidpf stream, uLong offset, int origin)
 {
-    (void)opaque;
     int fseek_origin=0;
     long ret;
+    (void)opaque;
     switch (origin)
     {
     case ZLIB_FILEFUNC_SEEK_CUR :
@@ -197,9 +197,9 @@ static long ZCALLBACK fseek_file_func (voidpf  opaque, voidpf stream, uLong offs
 
 static long ZCALLBACK fseek64_file_func (voidpf  opaque, voidpf stream, ZPOS64_T offset, int origin)
 {
-    (void)opaque;
     int fseek_origin=0;
     long ret;
+    (void)opaque;
     switch (origin)
     {
     case ZLIB_FILEFUNC_SEEK_CUR :
@@ -215,7 +215,7 @@ static long ZCALLBACK fseek64_file_func (voidpf  opaque, voidpf stream, ZPOS64_T
     }
     ret = 0;
 
-    if(FSEEKO_FUNC((FILE *)stream, (long)offset, fseek_origin) != 0)
+    if(FSEEKO_FUNC((FILE *)stream, (z_off_t)offset, fseek_origin) != 0)
                         ret = -1;
 
     return ret;
@@ -224,16 +224,16 @@ static long ZCALLBACK fseek64_file_func (voidpf  opaque, voidpf stream, ZPOS64_T
 
 static int ZCALLBACK fclose_file_func (voidpf opaque, voidpf stream)
 {
-    (void)opaque;
     int ret;
+    (void)opaque;
     ret = fclose((FILE *)stream);
     return ret;
 }
 
 static int ZCALLBACK ferror_file_func (voidpf opaque, voidpf stream)
 {
-    (void)opaque;
     int ret;
+    (void)opaque;
     ret = ferror((FILE *)stream);
     return ret;
 }
diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
index e9e5899852..083062ffe6 100644
--- a/thirdparty/minizip/ioapi.h
+++ b/thirdparty/minizip/ioapi.h
@@ -66,7 +66,7 @@
 #define ftello64 ftell
 #define fseeko64 fseek
 #else
-#ifdef __FreeBSD__
+#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
 #define fopen64 fopen
 #define ftello64 ftello
 #define fseeko64 fseeko
diff --git a/thirdparty/minizip/patches/godot-seek.patch b/thirdparty/minizip/patches/godot-seek.patch
index 24838c252a..279124f3f0 100644
--- a/thirdparty/minizip/patches/godot-seek.patch
+++ b/thirdparty/minizip/patches/godot-seek.patch
@@ -1,5 +1,5 @@
 diff --git a/thirdparty/minizip/ioapi.c b/thirdparty/minizip/ioapi.c
-index d666e5a228..db4c33b4b9 100644
+index 814a6fd38c..b50db35ac1 100644
 --- a/thirdparty/minizip/ioapi.c
 +++ b/thirdparty/minizip/ioapi.c
 @@ -80,8 +80,15 @@ void fill_zlib_filefunc64_32_def_from_filefunc32(zlib_filefunc64_32_def* p_filef
@@ -26,7 +26,7 @@ index d666e5a228..db4c33b4b9 100644
 +*/
 +/* GODOT end */
 diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
-index 114bfab762..2f24a5b6a0 100644
+index ae9ca7e833..6c73fc4ec3 100644
 --- a/thirdparty/minizip/ioapi.h
 +++ b/thirdparty/minizip/ioapi.h
 @@ -155,6 +155,10 @@ typedef struct zlib_filefunc_def_s
@@ -52,7 +52,7 @@ index 114bfab762..2f24a5b6a0 100644
  
  void fill_fopen64_filefunc OF((zlib_filefunc64_def* pzlib_filefunc_def));
 diff --git a/thirdparty/minizip/unzip.c b/thirdparty/minizip/unzip.c
-index 5e12e47474..3b191e827c 100644
+index 3036b470b7..e83aff2773 100644
 --- a/thirdparty/minizip/unzip.c
 +++ b/thirdparty/minizip/unzip.c
 @@ -157,6 +157,9 @@ typedef struct
@@ -122,7 +122,7 @@ index 5e12e47474..3b191e827c 100644
          }
  
          while(acc < file_info.size_file_extra)
-@@ -1575,8 +1604,10 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+@@ -1576,8 +1605,10 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
      }
      else if ((s->cur_file_info.compression_method==Z_DEFLATED) && (!raw))
      {
@@ -135,7 +135,7 @@ index 5e12e47474..3b191e827c 100644
        pfile_in_zip_read_info->stream.opaque = (voidpf)0;
        pfile_in_zip_read_info->stream.next_in = 0;
        pfile_in_zip_read_info->stream.avail_in = 0;
-@@ -1608,6 +1639,9 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+@@ -1610,6 +1641,9 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
                iSizeVar;
  
      pfile_in_zip_read_info->stream.avail_in = (uInt)0;
@@ -145,7 +145,7 @@ index 5e12e47474..3b191e827c 100644
  
      s->pfile_in_zip_read = pfile_in_zip_read_info;
                  s->encrypted = 0;
-@@ -1638,6 +1672,85 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
+@@ -1640,6 +1674,85 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
      return UNZ_OK;
  }
  
@@ -261,7 +261,7 @@ index 6f95e94d75..71a7d89692 100644
  
  extern ZPOS64_T ZEXPORT unztell64 OF((unzFile file));
 diff --git a/thirdparty/minizip/zip.c b/thirdparty/minizip/zip.c
-index 4e611e1163..6d1c26d9f8 100644
+index 66d693f85a..ddcc14132b 100644
 --- a/thirdparty/minizip/zip.c
 +++ b/thirdparty/minizip/zip.c
 @@ -854,9 +854,11 @@ extern zipFile ZEXPORT zipOpen3 (const void *pathname, int append, zipcharpc* gl
diff --git a/thirdparty/minizip/patches/unbreak-gentoo.patch b/thirdparty/minizip/patches/unbreak-gentoo.patch
index 9292e32ac6..65230cd4c7 100644
--- a/thirdparty/minizip/patches/unbreak-gentoo.patch
+++ b/thirdparty/minizip/patches/unbreak-gentoo.patch
@@ -1,8 +1,8 @@
 diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
-index f25ab6464..6043d34ce 100644
+index 6c73fc4ec3..083062ffe6 100644
 --- a/thirdparty/minizip/ioapi.h
 +++ b/thirdparty/minizip/ioapi.h
-@@ -44,6 +44,22 @@
+@@ -45,6 +45,22 @@
  #include <stdlib.h>
  #include "zlib.h"
  
diff --git a/thirdparty/minizip/unzip.c b/thirdparty/minizip/unzip.c
index 3b191e827c..e83aff2773 100644
--- a/thirdparty/minizip/unzip.c
+++ b/thirdparty/minizip/unzip.c
@@ -112,7 +112,7 @@
 # define ALLOC(size) (malloc(size))
 #endif
 #ifndef TRYFREE
-# define TRYFREE(p) {if (p) free(p);}
+# define TRYFREE(p) { free(p);}
 #endif
 
 #define SIZECENTRALDIRITEM (0x2e)
@@ -1595,6 +1595,7 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
         pfile_in_zip_read_info->stream_initialised=Z_BZIP2ED;
       else
       {
+        TRYFREE(pfile_in_zip_read_info->read_buffer);
         TRYFREE(pfile_in_zip_read_info);
         return err;
       }
@@ -1617,6 +1618,7 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
         pfile_in_zip_read_info->stream_initialised=Z_DEFLATED;
       else
       {
+        TRYFREE(pfile_in_zip_read_info->read_buffer);
         TRYFREE(pfile_in_zip_read_info);
         return err;
       }
diff --git a/thirdparty/minizip/zip.c b/thirdparty/minizip/zip.c
index 6d1c26d9f8..ddcc14132b 100644
--- a/thirdparty/minizip/zip.c
+++ b/thirdparty/minizip/zip.c
@@ -1475,11 +1475,6 @@ extern int ZEXPORT zipWriteInFileInZip (zipFile file,const void* buf,unsigned in
           {
               uLong uTotalOutBefore = zi->ci.stream.total_out;
               err=deflate(&zi->ci.stream,  Z_NO_FLUSH);
-              if(uTotalOutBefore > zi->ci.stream.total_out)
-              {
-                int bBreak = 0;
-                bBreak++;
-              }
 
               zi->ci.pos_in_buffered_data += (uInt)(zi->ci.stream.total_out - uTotalOutBefore) ;
           }
@@ -1963,7 +1958,7 @@ extern int ZEXPORT zipRemoveExtraInfoBlock (char* pData, int* dataLen, short sHe
 
   int retVal = ZIP_OK;
 
-  if(pData == NULL || *dataLen < 4)
+  if(pData == NULL || dataLen == NULL || *dataLen < 4)
     return ZIP_PARAMERROR;
 
   pNewHeader = (char*)ALLOC((unsigned)*dataLen);
author	DeeJayLSP <djlsplays@gmail.com>	2022-11-30 11:16:31 -0300
committer	Rémi Verschelde <rverschelde@gmail.com>	2023-01-07 13:03:06 +0100
commit	93409b8e64a9bc3c271ab4a7489b59a43bc0d048 (patch)
tree	bdc406e5e4861818ec5b4b9a36c4fa1b9850b3f6 /thirdparty/minizip
parent	163f6f5fe87d11645e94cd49f41226ab03063e53 (diff)