Reject a window size of 256 bytes if not using the zlib wrapper.

There is a bug in deflate for windowBits == 8 (256-byte window).
As a result, zlib silently changes a request for 8 to a request
for 9 (512-byte window), and sets the zlib header accordingly so
that the decompressor knows to use a 512-byte window. However if
deflateInit2() is used for raw deflate or gzip streams, then there
is no indication that the request was not honored, and the
application might assume that it can use a 256-byte window when
decompressing. This commit returns an error if the user requests
a 256-byte window when using raw deflate or gzip encoding.

diff --git a/deflate.c b/deflate.c
index 9e8db2d86af67ec1efb8d0722f73d355f7bb0d70..33c660335354df0aea0be37e85ec7cbb73da5ef7 100644 (file)
--- a/deflate.c
+++ b/deflate.c
@@ -201,7 +201,8 @@ int ZEXPORT deflateInit2_(z_stream *strm, int level, int method, int windowBits,
 #endif
     }
     if (memLevel < 1 || memLevel > MAX_MEM_LEVEL || method != Z_DEFLATED || windowBits < 8 ||
-        windowBits > 15 || level < 0 || level > 9 || strategy < 0 || strategy > Z_FIXED) {
+        windowBits > 15 || level < 0 || level > 9 || strategy < 0 || strategy > Z_FIXED ||
+        (windowBits == 8 && wrap != 1)) {
         return Z_STREAM_ERROR;
     }
     if (windowBits == 8)