-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Out-of-source build #6
Closed
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
geoff-nixon
referenced
this pull request
in geoff-nixon/zlib
May 6, 2016
Run tests on Travis CI with .travis.yml
mgoblue
referenced
this pull request
in TechSmith/zlib
Jun 5, 2018
https://stackoverflow.com/a/6559315 Read #6 & #7 from http://www.zlib.net/DLL_FAQ.txt for more information. Properties => C/C== => Preprocessor => Preprocessor Definitions
sebpop
pushed a commit
to sebpop/zlib
that referenced
this pull request
Nov 15, 2018
this patch fixes a use of uninitialized value discovered by one of the fuzzers of the oss-fuzz project: https://github.com/google/oss-fuzz/blob/master/projects/zlib/example_dict_fuzzer.c clang's memory sanitizer fails with: ==1==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x5930dd in slide_hash zlib/deflate.c:222:20 madler#1 0x589461 in fill_window zlib/deflate.c:1558:13 madler#2 0x59828f in deflate_rle zlib/deflate.c:2119:13 madler#3 0x590614 in deflate zlib/deflate.c:1045:41 madler#4 0x4a2d56 in test_dict_deflate /src/example_dict_fuzzer.c:79:11 madler#5 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3 madler#6 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15 madler#7 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#8 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9 madler#9 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#10 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291 madler#11 0x41ed08 in _start Uninitialized value was created by a heap allocation #0 0x45fa10 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:911 madler#1 0x586920 in deflateInit2_ zlib/deflate.c:320:27 madler#2 0x4a2a24 in test_dict_deflate /src/example_dict_fuzzer.c:61:11 madler#3 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3 madler#4 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15 madler#5 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#6 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9 madler#7 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#8 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
hzhuang1
pushed a commit
to Linaro/warpdrive-zlib
that referenced
this pull request
Jul 31, 2019
…eflate_quick by aggregating the two consecutive values to be written by static_emit_ptr to s->pending_buf and writing the two values at once in a 4 byte store, we avoid running out of the allocated buffer. We used to call quick_send_bits twice and bumped the counter s->pending in the first call, which made the second call write to memory beyond the safe 4 bytes that were guaranteed by the following condition in the enclosing loop in deflate_quick: if (s->pending + 4 >= s->pending_buf_size) { flush_pending(s->strm); The bug was exposed by the memory sanitizer like so: MemorySanitizer:DEADLYSIGNAL -- | ==1==ERROR: MemorySanitizer: SEGV on unknown address 0x730000020000 (pc 0x0000005b6ce4 bp 0x7fff59adb5e0 sp 0x7fff59adb570 T1) | ==1==The signal is caused by a WRITE memory access. | #0 0x5b6ce3 in quick_send_bits zlib-ng/arch/x86/deflate_quick.c:134:48 | madler#1 0x5b5752 in deflate_quick zlib-ng/arch/x86/deflate_quick.c:243:21 | madler#2 0x590a15 in zng_deflate zlib-ng/deflate.c:952:18 | madler#3 0x587165 in zng_compress2 zlib-ng/compress.c:59:15 | madler#4 0x5866d3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:22:3 | madler#5 0x5862d8 in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:74:3 | madler#6 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15 | madler#7 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 | madler#8 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9 | madler#9 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10 | madler#10 0x7fb8919b082f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291 | madler#11 0x41ec68 in _start | MemorySanitizer can not provide additional info. | SUMMARY: MemorySanitizer: SEGV (/mnt/scratch0/clusterfuzz/slave-bot/builds/clusterfuzz-builds_zlib-ng_7ead0a3e4980f024583384fd355b6e3ddd4b2ca2/revisions/compress_fuzzer+0x5b6ce3)
hzhuang1
pushed a commit
to Linaro/warpdrive-zlib
that referenced
this pull request
Jul 31, 2019
…ed-value ==1==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x59fa93 in deflate_medium zlib-ng/deflate_medium.c:259:21 madler#1 0x590905 in zng_deflate zlib-ng/deflate.c:951:18 madler#2 0x587095 in zng_compress2 zlib-ng/compress.c:59:15 madler#3 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3 madler#4 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3 madler#5 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15 madler#6 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#7 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9 madler#8 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#9 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291 madler#10 0x41ec68 in _start Uninitialized value was created by a heap allocation #0 0x45f2a0 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:910 madler#1 0x587d42 in zng_deflateInit2_ zlib-ng/deflate.c:284:27 madler#2 0x5874fa in zng_deflateInit_ zlib-ng/deflate.c:224:12 madler#3 0x586c95 in zng_compress2 zlib-ng/compress.c:41:11 madler#4 0x5866e3 in check_compress_level zlib-ng/test/fuzz/compress_fuzzer.c:18:3 madler#5 0x5862fd in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:38:3 madler#6 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15 madler#7 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#8 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9 madler#9 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#10 0x7fea2fea482f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
hzhuang1
pushed a commit
to Linaro/warpdrive-zlib
that referenced
this pull request
Jul 31, 2019
==4908==ERROR: MemorySanitizer: SEGV on unknown address 0x730fffffffff (pc 0x0000004b1b97 bp 0x7ffd4bf59a00 sp 0x7ffd4bf598a0 T4908) ==4908==The signal is caused by a READ memory access. #0 0x5a0599 in fizzle_matches zlib-ng/deflate_medium.c:168:12 madler#1 0x59ea27 in deflate_medium zlib-ng/deflate_medium.c:296:21 madler#2 0x5901c5 in zng_deflate zlib-ng/deflate.c:951:18 madler#3 0x586955 in zng_compress2 zlib-ng/compress.c:59:15 madler#4 0x5861eb in LLVMFuzzerTestOneInput zlib-ng/test/fuzz/compress_fuzzer.c:18:3 madler#5 0x4e9b48 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:575:15 madler#6 0x4a2f66 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#7 0x4b3adb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:715:9 madler#8 0x4a2091 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#9 0x7fa3d7ff582f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291 madler#10 0x41ec68 in _start
hzhuang1
pushed a commit
to Linaro/warpdrive-zlib
that referenced
this pull request
Jul 31, 2019
Before this patch cmake -DWITH_SANITIZERS=1 make make test used to fail with: Running tests... Test project /home/hansr/github/zlib/zlib-ng Start 1: example 1/2 Test madler#1: example ..........................***Failed 0.14 sec Start 2: example64 2/2 Test madler#2: example64 ........................***Failed 0.13 sec ==11605==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x62e000000595,0x62e0000053b5) and [0x62e000000400, 0x62e000005220) overlap #0 0x7fab3bcc9662 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c662) madler#1 0x40f936 in memcpy /usr/include/x86_64-linux-gnu/bits/string3.h:53 madler#2 0x40f936 in read_buf /home/spop/s/zlib-ng/deflate.c:1122 madler#3 0x410458 in deflate_stored /home/spop/s/zlib-ng/deflate.c:1394 madler#4 0x4133d7 in zng_deflate /home/spop/s/zlib-ng/deflate.c:945 madler#5 0x402253 in test_large_deflate /home/spop/s/zlib-ng/test/example.c:275 madler#6 0x4014e8 in main /home/spop/s/zlib-ng/test/example.c:536 madler#7 0x7fab3b89382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) madler#8 0x4018e8 in _start (/work/spop/zlib-ng/example+0x4018e8) 0x62e000000595 is located 405 bytes inside of 40000-byte region [0x62e000000400,0x62e00000a040) allocated by thread T0 here: #0 0x7fab3bcd579a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a) madler#1 0x40147a in main /home/spop/s/zlib-ng/test/example.c:516 0x62e000000400 is located 0 bytes inside of 40000-byte region [0x62e000000400,0x62e00000a040) allocated by thread T0 here: #0 0x7fab3bcd579a in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x9879a) madler#1 0x40147a in main /home/spop/s/zlib-ng/test/example.c:516 SUMMARY: AddressSanitizer: memcpy-param-overlap ??:0 __asan_memcpy ==11605==ABORTING fix bug madler#183 following recommendations of Mika Lindqvist > the problem is in line c_stream.avail_in = (unsigned int)comprLen/2; > which feeds it too much data ... it should cap it to > c_stream.next_out - compr instead.
Lecrapouille
pushed a commit
to Lecrapouille/zlib
that referenced
this pull request
Sep 5, 2021
this patch fixes a use of uninitialized value discovered by one of the fuzzers of the oss-fuzz project: https://github.com/google/oss-fuzz/blob/master/projects/zlib/example_dict_fuzzer.c clang's memory sanitizer fails with: ==1==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x5930dd in slide_hash zlib/deflate.c:222:20 madler#1 0x589461 in fill_window zlib/deflate.c:1558:13 madler#2 0x59828f in deflate_rle zlib/deflate.c:2119:13 madler#3 0x590614 in deflate zlib/deflate.c:1045:41 madler#4 0x4a2d56 in test_dict_deflate /src/example_dict_fuzzer.c:79:11 madler#5 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3 madler#6 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15 madler#7 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#8 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9 madler#9 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#10 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291 madler#11 0x41ed08 in _start Uninitialized value was created by a heap allocation #0 0x45fa10 in malloc /src/llvm/projects/compiler-rt/lib/msan/msan_interceptors.cc:911 madler#1 0x586920 in deflateInit2_ zlib/deflate.c:320:27 madler#2 0x4a2a24 in test_dict_deflate /src/example_dict_fuzzer.c:61:11 madler#3 0x4a3e9b in LLVMFuzzerTestOneInput /src/example_dict_fuzzer.c:156:3 madler#4 0x4ed04b in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15 madler#5 0x4a4ff6 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6 madler#6 0x4b5e1a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9 madler#7 0x4a4121 in main /src/libfuzzer/FuzzerMain.cpp:20:10 madler#8 0x7f3d7a13b82f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291
GerHobbelt
pushed a commit
to GerHobbelt/zlib
that referenced
this pull request
Nov 20, 2021
When there are no symbols in the tree we skip build_tree calculations and emit a block using static tree with no codes. trees.c:357:19: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'unsigned long' #0 0x1000ed79b in build_tree trees.c:357 madler#1 0x1000ea3f5 in zng_tr_flush_block trees.c:649 madler#2 0x100090ab0 in deflate_slow deflate_slow.c:131 madler#3 0x1000572bc in zng_deflate deflate.c:990 madler#4 0x1000aecd3 in gz_comp gzwrite.c:125 madler#5 0x1000b05df in zng_gzclose_w gzwrite.c:511 madler#6 0x1000967a4 in zng_gzclose gzlib.c:253 madler#7 0x100004f70 in test_gzio example.c:133 madler#8 0x100010c5b in main example.c:1034 madler#9 0x7fff71f57cc8 in start+0x0 (libdyld.dylib:x86_64+0x1acc8)
GerHobbelt
pushed a commit
to GerHobbelt/zlib
that referenced
this pull request
Nov 20, 2021
…heck-features-constructor Backport Check for x86 features when the library is loaded.
GrabYourPitchforks
pushed a commit
to GrabYourPitchforks/zlib
that referenced
this pull request
Jul 28, 2022
The deflate_quick strategy is designed to provide maximum deflate performance. deflate_quick achieves this through: - only checking the first hash match - using a small inline SSE4.2-optimized longest_match - forcing a window size of 8K, and using a precomputed dist/len table - forcing the static Huffman tree and emitting codes immediately instead of tallying This patch changes the scope of flush_pending, bi_windup, and static_ltree to ZLIB_INTERNAL and moves END_BLOCK, send_code, put_short, and send_bits to deflate.h. Updates the configure script to enable by default for x86. On systems without SSE4.2, fallback is to deflate_fast strategy. Fixes madler#6 Fixes madler#8
GrabYourPitchforks
pushed a commit
to GrabYourPitchforks/zlib
that referenced
this pull request
Jul 28, 2022
The deflate_quick strategy is designed to provide maximum deflate performance. deflate_quick achieves this through: - only checking the first hash match - using a small inline SSE4.2-optimized longest_match - forcing a window size of 8K, and using a precomputed dist/len table - forcing the static Huffman tree and emitting codes immediately instead of tallying This patch changes the scope of flush_pending, bi_windup, and static_ltree to ZLIB_INTERNAL and moves END_BLOCK, send_code, put_short, and send_bits to deflate.h. Updates the configure script to enable by default for x86. On systems without SSE4.2, fallback is to deflate_fast strategy. Fixes madler#6 Fixes madler#8
GrabYourPitchforks
pushed a commit
to GrabYourPitchforks/zlib
that referenced
this pull request
Aug 30, 2023
The deflate_quick strategy is designed to provide maximum deflate performance. deflate_quick achieves this through: - only checking the first hash match - using a small inline SSE4.2-optimized longest_match - forcing a window size of 8K, and using a precomputed dist/len table - forcing the static Huffman tree and emitting codes immediately instead of tallying This patch changes the scope of flush_pending, bi_windup, and static_ltree to ZLIB_INTERNAL and moves END_BLOCK, send_code, put_short, and send_bits to deflate.h. Updates the configure script to enable by default for x86. On systems without SSE4.2, fallback is to deflate_fast strategy. Fixes madler#6 Fixes madler#8
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Examples could not find zlib.h.