fix #187: remove errors exposed by undefined behavior sanitizer

author Sebastian Pop <s.pop@samsung.com>

Wed, 15 Aug 2018 20:28:41 +0000 (15:28 -0500)

committer Hans Kristian Rosbach <hk-github@circlestorm.org>

Thu, 20 Sep 2018 06:09:07 +0000 (08:09 +0200)
author Sebastian Pop <s.pop@samsung.com>
Wed, 15 Aug 2018 20:28:41 +0000 (15:28 -0500)
committer Hans Kristian Rosbach <hk-github@circlestorm.org>
Thu, 20 Sep 2018 06:09:07 +0000 (08:09 +0200)
diff --git a/adler32.c b/adler32.c

index 5724b2d13fc20dfdbe82607ccaa26016c538ccb1..dbbb5fe5772e8fe5dfdd24db68e841c259034189 100644 (file)
--- a/adler32.c
+++ b/adler32.c
@@ -88,7 +88,8 @@ uint32_t adler32_c(uint32_t adler, const unsigned char *buf, size_t len) {
  
      /* in case short lengths are provided, keep it somewhat fast */
      if (len < 16) {
-        while (len--) {
+        while (len) {
+            --len;
              adler += *buf++;
              sum2 += adler;
          }
@@ -133,7 +134,8 @@ uint32_t adler32_c(uint32_t adler, const unsigned char *buf, size_t len) {
              buf += 8;
  #endif
          }
-        while (len--) {
+        while (len) {
+            --len;
              adler += *buf++;
              sum2 += adler;
          }
diff --git a/arch/x86/deflate_quick.c b/arch/x86/deflate_quick.c

index bb9ca280f5e3c76610c592503618561ecd07a4f6..789ef323ca9fdfaacb8cbe26817e6686803065af 100644 (file)
--- a/arch/x86/deflate_quick.c
+++ b/arch/x86/deflate_quick.c
@@ -240,7 +240,7 @@ ZLIB_INTERNAL block_state deflate_quick(deflate_state *s, int flush) {
              hash_head = quick_insert_string(s, s->strstart);
              dist = s->strstart - hash_head;
  
-            if ((dist-1) < (s->w_size - 1)) {
+            if (dist > 0 && (dist-1) < (s->w_size - 1)) {
                  match_len = compare258(s->window + s->strstart, s->window + s->strstart - dist);
  
                  if (match_len >= MIN_MATCH) {
diff --git a/arch/x86/fill_window_sse.c b/arch/x86/fill_window_sse.c

index 91e56b269a4bedf25c6484cbe688e3373ecaf41c..745ecebffd0ace331a119212d5b7d66469e307ff 100644 (file)
--- a/arch/x86/fill_window_sse.c
+++ b/arch/x86/fill_window_sse.c
@@ -49,7 +49,7 @@ ZLIB_INTERNAL void fill_window_sse(deflate_state *s) {
           */
          if (s->strstart >= wsize+MAX_DIST(s)) {
              memcpy(s->window, s->window+wsize, (unsigned)wsize);
-            s->match_start -= wsize;
+            s->match_start = (s->match_start >= wsize) ? s->match_start - wsize : 0;
              s->strstart    -= wsize; /* we now have strstart >= MAX_DIST */
              s->block_start -= (long) wsize;
  
diff --git a/inflate.c b/inflate.c

index bbab72e3e444ede98bf247a8b4b65edbe552f841..469dde6e2588b040300a8bda471b6acb139d60e7 100644 (file)
--- a/inflate.c
+++ b/inflate.c
@@ -969,8 +969,10 @@ int ZEXPORT PREFIX(inflate)(PREFIX3(stream) *strm, int flush) {
                          state->mode = BAD;
                          break;
                      }
-                    while (copy--)
+                    while (copy) {
+                        --copy;
                          state->lens[state->have++] = (uint16_t)len;
+                    }
                  }
              }
author	Sebastian Pop <s.pop@samsung.com>
	Wed, 15 Aug 2018 20:28:41 +0000 (15:28 -0500)
committer	Hans Kristian Rosbach <hk-github@circlestorm.org>
	Thu, 20 Sep 2018 06:09:07 +0000 (08:09 +0200)
adler32.c		patch \| blob \| blame \| history
arch/x86/deflate_quick.c		patch \| blob \| blame \| history
arch/x86/fill_window_sse.c		patch \| blob \| blame \| history
inflate.c		patch \| blob \| blame \| history