No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

3 changed files with 196 additions and 85 deletions


@ -1,6 +1,3 @@
Source from https://gitlab.com/redhat/centos-stream/rpms/zlib/-/merge_requests/9
Author: Ilya Leoshkevich
--- a/compress.c
+++ b/compress.c
@@ -5,9 +5,15 @@


@ -0,0 +1,65 @@
From 1e56dd1e7285d3026092ba794078edb290b4c1b1 Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Mon, 15 Mar 2021 13:06:35 +0100
Subject: [PATCH] fixed isues found by covscan
---
contrib/minizip/mztools.c | 8 ++++++++
contrib/minizip/zip.c | 4 ++--
deflate.c | 5 +++--
3 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/contrib/minizip/mztools.c b/contrib/minizip/mztools.c
index 96891c2..1197928 100644
--- a/contrib/minizip/mztools.c
+++ b/contrib/minizip/mztools.c
@@ -286,6 +286,14 @@ uLong* bytesRecovered;
}
} else {
err = Z_STREAM_ERROR;
+ if(fpZip != NULL)
+ fclose(fpZip);
+
+ if(fpOut != NULL)
+ fclose(fpOut);
+
+ if(fpOutCD != NULL)
+ fclose(fpOutCD);
}
return err;
}
diff --git a/contrib/minizip/zip.c b/contrib/minizip/zip.c
index 44e88a9..a753c17 100644
--- a/contrib/minizip/zip.c
+++ b/contrib/minizip/zip.c
@@ -526,8 +526,8 @@ local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_f
break;
}
- if (uPosFound!=0)
- break;
+ if (uPosFound!=0)
+ break;
}
TRYFREE(buf);
return uPosFound;
diff --git a/deflate.c b/deflate.c
index 085abbe..3963e79 100644
--- a/deflate.c
+++ b/deflate.c
@@ -203,9 +203,10 @@ local const config configuration_table[10] = {
* Initialize the hash table (avoiding 64K overflow for 16 bit systems).
* prev[] will be initialized on the fly.
*/
-#define CLEAR_HASH(s) \
+#define CLEAR_HASH(s) do { \
s->head[s->hash_size-1] = NIL; \
- zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
+ zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head)); \
+} while (0)
/* ===========================================================================
* Slide the hash table when sliding the window down (could be avoided with 32
--
2.26.0
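Review bot: In the deflate.c hunk the rewritten `CLEAR_HASH(s)` still expands its argument unparenthesized and several times, so it is only safe when called with a plain, side-effect-free identifier; writing `(s)->head[(s)->hash_size-1] = NIL;` and using `(s)` in the `zmemzero` line as well would make it robust to expression arguments. The `do { ... } while (0)` wrapper does close the real hazard, where an unbraced `if (...) CLEAR_HASH(s);` would have guarded only the first statement and left the `zmemzero` unconditional. It also makes the trailing semicolon at every call site mandatory; the call sites are outside this patch, so that should be confirmed by a full build. A short comment above the macro such as `/* s must be a plain pointer expression without side effects */` would document the remaining constraint.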


@ -1,68 +1,74 @@
# disabled, per rhbz#1609830 and rhbz#1602742
%bcond_with minizip
%bcond_without minizip
Name: zlib
Version: 1.2.11
Release: 25%{?dist}
Summary: The compression and decompression library
Release: 40%{?dist}
Summary: Compression and decompression library
# /contrib/dotzlib/ have Boost license
License: zlib and Boost
URL: http://www.zlib.net/
URL: https://www.zlib.net/
Source: http://www.zlib.net/zlib-%{version}.tar.xz
Source: https://www.zlib.net/zlib-%{version}.tar.xz
# https://github.com/madler/zlib/pull/210
Patch0: zlib-1.2.5-minizip-fixuncrypt.patch
# resolves: #805113
Patch1: zlib-1.2.11-optimized-s390.patch
# Backport upstream commit 2d80d3f6b52f9fa454c26c89d2d6a1790e1cecb0
# Reason: Fuzzer founds issues with unknown memory access
Patch2: zlib-1.2.11-Limit-hash-table-inserts.patch
Patch5: zlib-1.2.11-Limit-hash-table-inserts.patch
# IBM Z optimalizations
Patch3: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
Patch7: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
# fix for IBM Z optimalizations
Patch6: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
# permit a deflateParams() parameter change
Patch7: zlib-1.2.11-permit-deflateParams-change.patch
Patch12: zlib-1.2.11-permit-deflateParams-change.patch
# fixed DFLTCC compression level switching issues
# enabled HW compression for compression levels 1 through 6
Patch8: zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
Patch13: zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
# fixed inflateSyncPoint() bad return value on z15
Patch9: zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
Patch10: zlib-1.2.11-CVE-2018-25032.patch
# Fix the compressBound() on z15
Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
# Fix CVE-2022-37434
Patch12: zlib-1.2.11-cve-2022-37434.patch
Patch13: zlib-1.2.11-cve-2022-37434_2.patch
Patch14: zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
# fixed issues found by covscan for rhel-9
# ref: https://github.com/madler/zlib/pull/554
Patch15: zlib-1.2.11-covscan-issues-rhel9.patch
# fix for IBM Z optimalizations
Patch17: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
# Fix for CVE-2018-25032
Patch18: zlib-1.2.11-CVE-2018-25032.patch
# Fix for CVE-2022-37434
Patch19: zlib-1.2.11-cve-2022-37434.patch
Patch20: zlib-1.2.11-cve-2022-37434_2.patch
# Fix setting strm.adler on z15
Patch14: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
Patch21: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
# Optimization for z15
Patch15: zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
Patch22: zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
# Optimized crc32 for Power 8+ processors
# Source: https://github.com/madler/zlib/pull/750
Patch16: zlib-1.2.11-Preparation-for-Power-optimizations.patch
Patch17: zlib-1.2.11-Add-Power8-optimized-crc32.patch
Patch18: zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
Patch23: zlib-1.2.11-Preparation-for-Power-optimizations.patch
Patch24: zlib-1.2.11-Add-Power8-optimized-crc32.patch
Patch25: zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
# Fix for Unnecessary IFUNC resolver for crc32_z
# Fix for s390x vectorize CRC32
Patch19: zlib-1.2.11-s390x-vectorize-crc32.patch
Patch26: zlib-1.2.11-s390x-vectorize-crc32.patch
# Fix for python3.11 broken libxml2 and lxml on s390x
Patch20: zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
Patch27: zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
# fixed covscan issues
Patch21: zlib-1.2.11-covscan-issues.patch
Patch28: zlib-1.2.11-covscan-issues.patch
# Fix for Crash in zlib deflateBound() function on s390x
# Resolves: #2193045
Patch22: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
# Resolves: #2193044
Patch29: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
BuildRequires: make
BuildRequires: automake, autoconf, libtool
%global __provides_exclude_from ^%{_libdir}/pkgconfig/minizip\\.pc$
%description
Zlib is a general-purpose, patent-free, lossless data compression
library which is used by many different programs.
@ -89,20 +95,21 @@ decompression library.
%if %{with minizip}
%package -n minizip
%package -n minizip-compat
Summary: Library for manipulation with .zip archives
Requires: %{name}%{?_isa} = %{version}-%{release}
%description -n minizip
%description -n minizip-compat
Minizip is a library for manipulation with files from .zip archives.
%package -n minizip-devel
%package -n minizip-compat-devel
Summary: Development files for the minizip library
Requires: minizip%{?_isa} = %{version}-%{release}
Requires: minizip-compat%{?_isa} = %{version}-%{release}
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
Conflicts: minizip-devel
%description -n minizip-devel
%description -n minizip-compat-devel
This package contains the libraries and header files needed for
developing applications which use minizip.
%endif
@ -114,25 +121,26 @@ developing applications which use minizip.
%ifarch s390 s390x
%patch1 -p1 -b .optimized-deflate
%endif
%patch2 -p1
%patch3 -p1
%patch6 -p1
%patch5 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp
@ -141,16 +149,13 @@ mv ChangeLog.tmp ChangeLog
%build
export CFLAGS="$RPM_OPT_FLAGS"
%ifarch ppc64
CFLAGS+=" -O3"
%endif
export LDFLAGS="$LDFLAGS -Wl,-z,relro -Wl,-z,now"
# no-autotools, %%configure is not compatible
%ifarch s390 s390x
./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix} --dfltcc
./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix} --dfltcc
%else
./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix}
./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix}
%endif
%make_build
@ -199,12 +204,12 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%if %{with minizip}
%files -n minizip
%files -n minizip-compat
%doc contrib/minizip/MiniZip64_info.txt contrib/minizip/MiniZip64_Changes.txt
%{_libdir}/libminizip.so.*
%files -n minizip-devel
%files -n minizip-compat-devel
%dir %{_includedir}/minizip
%{_includedir}/minizip/*.h
%{_libdir}/libminizip.so
@ -213,70 +218,114 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%changelog
* Tue May 16 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-25
* Thu May 04 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-40
- Fix the Crash in zlib deflateBound() function on s390x
- Resolves: BZ#2193045
- Resolves: BZ#2193044
* Tue May 16 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-24
* Thu Feb 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-39
- Fix covscan issue CWE-681
* Tue Feb 07 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-38
- Resolve fuzzing issue for unknown memory access
* Tue May 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-23
* Tue Feb 07 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-37
- Rebased Power 8 optimization patches
- Fix for Unnecessary IFUNC resolver for crc32_z
- Fix for python3.11 broken libxml2 and lxml on s390x
* Tue May 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-22
* Mon Dec 19 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-36
- Inflate small window optimization for IBM z15 rhbz#2154775
* Wed Oct 12 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-21
* Wed Oct 12 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-35
- Fix for IBM strm.adler rhbz#2134074
* Tue Aug 09 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-20
* Wed Aug 10 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-34
- Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c
- Resolves: CVE-2022-37434
* Mon May 16 2022 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-19
- Apply IBM patch for compressBound() function
- Source from https://github.com/madler/zlib/issues/410#issuecomment-947212824
- Resolves: #2056900
* Mon Apr 25 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-33
- Fix CVE-2018-25032
Resolves: CVE-2018-25032
* Tue Mar 29 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-18
- Resolves: CVE-2018-25032
* Tue Mar 01 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-32
- Fix for IBM compressBound() rhbz#2056899
* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-17
- Fixed DFLTCC compression level switching issues (#1875492)
- Enabled HW compression for compression levels 1 through 6 (#1847438)
- Fixed inflateSyncPoint() bad return value on z15 (#1888930)
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.11-31
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-16
- Permit a deflateParams() parameter change
- Another fix for Z hardware-accelerated deflate for s390x architectures
- according to previous change by upstream
* Tue Jul 20 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-30
- Fix for IBM CRC32 optimalization rhbz#1959423
* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-15
- Another fix for Z hardware-accelerated deflate for s390x architectures
* Thu Jul 15 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-29
- Missing RPM_OPT_FLAGS in CFLAGS (#1972057)
* Mon May 25 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-14
- Fix for Z hardware-accelerated deflate for s390x architectures
* Thu Jun 03 2021 Patrik Novotný <panovotn@redhat.com> - 1.2.11-28
- IBM CRC32 optimalization rhbz#1959423
- Enabled Z hardware-accelerated deflate for compression levels 1 through 6 (#1972057)
* Tue Oct 29 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-13
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.11-27
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Mar 31 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-26
- fixed covscan issues for rhel-9
* Fri Feb 12 2021 Michal Schorm <mschorm@redhat.com> - 1.2.11-25
- Remove ancient PPC64 hack
- Remove aarch64 optimalizations (#1936823)
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Nov 18 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-23
- backport IBM Z updates to fedora
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-22
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Oct 29 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-20
- Added -DDFLTCC parameter to configure to enable
- Z hardware-accelerated deflate for s390x architectures (#1659433)
* Tue Oct 15 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-12
- fixed covscan issues
* Thu Sep 05 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-19
- IBM CRC32 optimalization for POWER 8+ architectures re-add
- fixed firefox crash duer to zlib (#1741266)
- added test for crc32
* Mon Oct 14 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-11
* Thu Aug 15 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-18
- IBM CRC32 optimalization for POWER 8+ architectures revert
* Thu Aug 01 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-17
- IBM Z hardware-accelerated deflate for s390x architectures
- IBM CRC32 optimalization for POWER 8+ architectures
- fixed firefox crash due to zlib (#1741266)
- added test for crc32
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Oct 2 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-14
- Bump build
* Tue Sep 18 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-13
- Revert aarch64 neon inflate optimisation
* Wed Aug 29 2018 Patrik Novotný <panovotn@redhat.com> - 1.2.11-12
- Rename minizip and minizip-devel to minizip-compat and minizip-compat-devel respectively
* Thu Aug 23 2018 Patrik Novotný <panovotn@redhat.com> - 1.2.11-11
- Provides minizip-compat and minizip-compat-devel
* Fri Aug 03 2018 Pavel Raiskup <praiskup@redhat.com> - 1.2.11-10
- sync with fedora rawhide
- add %%bcond for minizip
- use %%make_* macros
* Fri May 25 2018 Pavel Raiskup <praiskup@redhat.com> - 1.2.11-9
- revert previous aarch64 changes (rhbz#1582444, rhbz#1578798)
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Apr 30 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-8
- Optimisations for aarch64
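Review bot: The comment `# disabled, per rhbz#1609830 and rhbz#1602742` at the top of the spec sits directly above both `%bcond_with minizip` and `%bcond_without minizip`, and it appears to be stale on the new side. The page has lost the +/- markers, so which default is new is inferred; the renamed `minizip-compat` and `minizip-compat-devel` subpackages later in this section suggest the new side is `%bcond_without minizip`, in which case the comment says the opposite of what the build does. Rewording it to something like `# minizip is built by default and shipped as minizip-compat` would make it clear that the contrib/minizip code is part of the shipped package set and therefore in scope for the covscan and CVE patches listed below. It would also be worth stating in a comment why the `Patch` numbers are non-contiguous on the new side (0, 1, 5, 7, 11, ...), so that a later security backport is not given a number that has no matching `%patch` line.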