From: Nathan Moin Vaziri Date: Sat, 11 Apr 2026 03:38:29 +0000 (-0700) Subject: Fix scan_endstr offset in longest_match slow path. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c69e75e9e24bba709752268df239fee3c2e3dcfa;p=thirdparty%2Fzlib-ng.git Fix scan_endstr offset in longest_match slow path. LONGEST_MATCH_SLOW was using len - (STD_MIN_MATCH+1) instead of len - (STD_MIN_MATCH-1) for the end-of-string hash probe, hashing a window inside the already-matched region instead of ending one byte past the current match. The slow path was missing match extensions it should have been finding. The comment and the upstream fast_zlib source both specify the correct offset. Closes #2248. Reported-by: Sergey "Shnatsel" Davidoff <291257+Shnatsel@users.noreply.github.com> Reported-by: Folkert de Vries <7949978+folkertdev@users.noreply.github.com> --- diff --git a/match_tpl.h b/match_tpl.h index 88f4588a1..384b83b79 100644 --- a/match_tpl.h +++ b/match_tpl.h @@ -205,7 +205,7 @@ Z_INTERNAL uint32_t LONGEST_MATCH(deflate_state *const s, uint32_t cur_match) { * us include one more byte into hash - the byte which will be checked * in main loop now, and which allows to grow match by 1. */ - scan_endstr = scan + len - (STD_MIN_MATCH+1); + scan_endstr = scan + len - (STD_MIN_MATCH-1); // use update_hash_roll for deflate_slow hash = update_hash_roll(0, scan_endstr[0]); @@ -214,7 +214,7 @@ Z_INTERNAL uint32_t LONGEST_MATCH(deflate_state *const s, uint32_t cur_match) { pos = head[hash]; if (pos < cur_match) { - match_offset = len - (STD_MIN_MATCH+1); + match_offset = len - (STD_MIN_MATCH-1); if (pos <= limit_base + match_offset) return best_len; cur_match = pos;