Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 4eab176117fd8b1a492714ddd1cd5660c87d3324^! / . / lib / zlib / deflate.c
commit4eab176117fd8b1a492714ddd1cd5660c87d3324[log] [tgz]
authorTom Rini <trini@konsulko.com>Sun Jun 30 19:03:14 2024 -0600
committerTom Rini <trini@konsulko.com>Sun Jun 30 19:03:14 2024 -0600
tree3e54d8c227b690177c26db6677719f0d194f5337
parent4ca22d57935ed92605b212c1b7cfd4273f4ccb09 [diff] [blame]
Revert "Merge patch series "zlib: Address CVE-2016-9841""

This series brings our zlib code more up to date. However, it drops an
important performance improvement that is required on some of our
supported platforms in order to boot Linux before the watchdog resets
the system. Furthermore, the "post increment" version of this
performance loop was not tested, so while we can fix it, it would then
require re-testing all platforms. At this point in time, we will revert
updating zlib (which has had a potential security issue since 2016) and
fix this in the v2024.10 release.

This reverts commit 4914263c9a14315390d3ccc4816cf3a94cfd156d, reversing
changes made to ef8ef5f77c9a998f76a48277a883af1645b54117.

Reported-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Tom Rini <trini@konsulko.com>

diff --git a/lib/zlib/deflate.c b/lib/zlib/deflate.c
index 7e1ed4f..4549f4d 100644
--- a/lib/zlib/deflate.c
+++ b/lib/zlib/deflate.c

@@ -196,30 +196,37 @@
     zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
 
 /* ========================================================================= */
-int ZEXPORT deflateInit_(strm, level, stream_size)
+int ZEXPORT deflateInit_(strm, level, version, stream_size)
     z_streamp strm;
     int level;
+    const char *version;
     int stream_size;
 {
     return deflateInit2_(strm, level, Z_DEFLATED, MAX_WBITS, DEF_MEM_LEVEL,
-                         Z_DEFAULT_STRATEGY, stream_size);
+                         Z_DEFAULT_STRATEGY, version, stream_size);
     /* To do: ignore strm->next_in if we use it as window */
 }
 
 /* ========================================================================= */
 int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
-                  stream_size)
+                  version, stream_size)
     z_streamp strm;
     int  level;
     int  method;
     int  windowBits;
     int  memLevel;
     int  strategy;
+    const char *version;
     int stream_size;
 {
     deflate_state *s;
     int wrap = 1;
+    static const char my_version[] = ZLIB_VERSION;
 
+    if (version == Z_NULL || version[0] != my_version[0] ||
+        stream_size != sizeof(z_stream)) {
+        return Z_VERSION_ERROR;
+    }
     if (strm == Z_NULL) return Z_STREAM_ERROR;
 
     strm->msg = Z_NULL;