bug#63848: [PATCH] Incorrect usage of inflate() from zlib in decompress.c

[cortexauth]

Hey there,

 

While building Emacs one of my friends encountered a bug where entering certain commands such as `M-x eww RET`
After some digging in, we found this was because of Z_BUF_ERROR arising in decompress.c:150

Per the docs (inflate (linuxbase.org)) this happens when either of in or out buffer runs out and there is no further possible progress

The code makes a wrong assumption that IF `stream.avail_out` is zero, we can keep on inflating. It’s possible for `stream.avail_in` and `stream.avail_out` to be both zero at the same time (I don’t have a minimalistic test case for this yet, but I am sure that one can construct this with some thought)

Following is the patch for the fix

--
--- a/src/decompress.c

+++ b/src/decompress.c

@@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock)

        return -1;

 

       accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx);

-    } while (stream.avail_in && !stream.avail_out);

+    } while (!stream.avail_out);

 

   } while (res != Z_STREAM_END);
--

This is also my first time contributing so I might have made mistakes in making a good patch (one is obviously my incapability to quickly think of minimal test case), so I will appreciate suggestions

 

Thanks,

Deepak Sharma