deflate_medium: fix handling of overlapping matches

Fixes #361

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b1845522b557a9e98df9a764ad81066a2705db1b..f33743fbf62cefa284540cf39e9fa88215fef544 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -859,6 +859,13 @@ if (ZLIB_ENABLE_TESTS)
         target_link_libraries(CVE-2003-0107 zlib)
         add_test(NAME CVE-2003-0107 COMMAND CVE-2003-0107)
     endif()
+
+    set(GH_361_COMMAND ${CMAKE_CROSSCOMPILING_EMULATOR} $<TARGET_FILE:minigzip> -4)
+    add_test(NAME GH-361
+        COMMAND ${CMAKE_COMMAND}
+        "-DCOMMAND=${GH_361_COMMAND}"
+        -DINPUT=${CMAKE_CURRENT_SOURCE_DIR}/test/GH-361/test.txt
+        -P ${CMAKE_CURRENT_SOURCE_DIR}/cmake/run-and-redirect.cmake)
 endif()
 
 FEATURE_SUMMARY(WHAT ALL INCLUDE_QUIET_PACKAGES)

diff --git a/deflate_medium.c b/deflate_medium.c
index 330d255c875575c448de2b323ae3a0050afbfc7d..c23936ed53a2029de1aa3a4e1630c366105847fb 100644 (file)
--- a/deflate_medium.c
+++ b/deflate_medium.c
@@ -110,6 +110,8 @@ static void insert_match(deflate_state *s, struct match match) {
             } else {
                 functable.insert_string(s, match.strstart, match.orgstart - match.strstart + 1);
             }
+        } else if (match.orgstart < match.strstart + match.match_length) {
+            functable.insert_string(s, match.orgstart, match.strstart + match.match_length - match.orgstart);
         }
         match.strstart += match.match_length;
         match.match_length = 0;

diff --git a/test/GH-361/test.txt b/test/GH-361/test.txt
new file mode 100644 (file)
index 0000000..2b10281
--- /dev/null
+++ b/test/GH-361/test.txt
@@ -0,0 +1,4 @@
+.....-.u..|u....-...!..A.#?)9.._B..F..|
+00000650  fa 13 88 89 2c 1f 81 0f  e4 e9 ce 39 a0 87 2e 2e  |....,......9....|
+00000660  a5 0c 08 9c ec fc 88 6d  16 02 0a a0 3d fc 36 29  |.......m....=.6)|
+00000670  8d f5 c3 ba 1d 07 f4 78  e1 a0 41 f9 89 15 a5 69  |.......x..A....
\ No newline at end of file

diff --git a/test/INDEX b/test/INDEX
index f167df87e13dab90e80acef716238a40bd04c247..a1e6b7280888b13e374a6292c7a9fa82e81b74da 100644 (file)
--- a/test/INDEX
+++ b/test/INDEX
@@ -5,6 +5,8 @@ CVE-2002-0059  :
 CVE-2004-0797  :
 CVE-2005-1849  :
 CVE-2005-2096  : test cases for the relevant CVEs
+GH-361         : test case for overlapping matches
+                 https://github.com/zlib-ng/zlib-ng/issues/361
 
 testCVEinputs.sh: script to run tests for CVEs where input data is supplied
 

diff --git a/test/Makefile.in b/test/Makefile.in
index 4b858f744669e0943dd3e29d5225a8230d07e84c..caf49496dbae5aa94c62f85a702ba594313e9baa 100644 (file)
--- a/test/Makefile.in
+++ b/test/Makefile.in
@@ -14,7 +14,7 @@ COMPATTESTS =
 QEMU_RUN=
 QEMU_VER:=$(shell command -v $(QEMU_RUN) --version 2> /dev/null)
 
-all: oldtests cvetests $(COMPATTESTS) fuzzer
+all: oldtests cvetests $(COMPATTESTS) fuzzer ghtests
 
 oldtests: #set by ../configure
 check_cross_dep:
@@ -96,6 +96,12 @@ CVE-2003-0107.o: $(SRCDIR)/CVE-2003-0107.c
 CVE-2003-0107$(EXE): CVE-2003-0107.o
        $(CC) $(CFLAGS) -o $@ CVE-2003-0107.o $(TEST_LDFLAGS)
 
+.PHONY: ghtests
+ghtests: testGH-361
+
+.PHONY: testGH-361
+testGH-361:
+       $(QEMU_RUN) ../minigzip$(EXE) -4 <$(SRCDIR)/GH-361/test.txt >/dev/null
 
 clean:
        rm -f *.o *.gcda *.gcno *.gcov