bug-gzip
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

gzip refuses to decompress inferno.tgz (+ patch)

From: Paul Eggert
Subject: gzip refuses to decompress inferno.tgz (+ patch)
Date: Wed, 20 Dec 2006 15:44:18 -0800
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux) 
Package: gzip
Version: 1.3.5-10sarge2

Yiorgos Adamopoulos <address@hidden> writes:

> Hi!  I tried to gunzip
> http://www.vitanuova.com/dist/4e/20060303/inferno.tgz using version
> 1.3.5 (I work on an Ubuntu 6.06 LTS) and got:
>
> address@hidden:~/tmp$ gunzip inferno.tgz
>
> gunzip: inferno.tgz: invalid compressed data--format violated

Thanks very much for reporting that.  Do you happen to know what
program generated that .tgz file?

Anyway, this is clearly a regression in gzip, regardless of whether
the stream has a valid format, so I installed the following patch into
gzip.  I am CC'ing this to the Debian bug address and to Thomas Biege.

2006-12-20  Paul Eggert  <address@hidden>

        * inflate.c (huft_build): Fix regression that caused gzip to
        refuse to uncompress null input (all zero length codes).  Problem
        reported by Yiorgos Adamopoulos.  This regression was caused by
        the security patch installed 2006-11-20, which in turn came from
        Debian, which in turn apparently came from Thomas Biege of SuSe.

Index: inflate.c
===================================================================
RCS file: /cvsroot/gzip/gzip/inflate.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -p -u -r1.5 -r1.6
--- inflate.c   27 Nov 2006 00:51:37 -0000      1.5
+++ inflate.c   20 Dec 2006 23:30:17 -0000      1.6
@@ -116,7 +116,7 @@
  */
 
 #ifdef RCSID
-static char rcsid[] = "$Id: inflate.c,v 1.5 2006/11/27 00:51:37 eggert Exp $";
+static char rcsid[] = "$Id: inflate.c,v 1.6 2006/12/20 23:30:17 eggert Exp $";
 #endif
 
 #include <config.h>
@@ -335,9 +335,16 @@ int *m;                 /* maximum looku
   } while (--i);
   if (c[0] == n)                /* null input--all zero length codes */
   {
-    *t = (struct huft *)NULL;
-    *m = 0;
-    return 2;
+    q = (struct huft *) malloc (2 * sizeof *q);
+    if (!q)
+      return 3;
+    hufts += 2;
+    q[0].v.t = (struct huft *) NULL;
+    q[1].e = 99;    /* invalid code marker */
+    q[1].b = 1;
+    *t = q + 1;
+    *m = 1;
+    return 0;
   }
reply via email to
[Prev in Thread] Current Thread [Next in Thread]