From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Fri, 14 Jun 2019 13:33:04 +0000 (+0200)
Subject: deflate_medium: fix handling of overlapping matches
X-Git-Tag: 1.9.9-b1~471
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4b927b3462711795dde8cd7d787b9dabbf3f3bd;p=thirdparty%2Fzlib-ng.git

deflate_medium: fix handling of overlapping matches

Fixes #361
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b1845522..f33743fb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -859,6 +859,13 @@ if (ZLIB_ENABLE_TESTS)
         target_link_libraries(CVE-2003-0107 zlib)
         add_test(NAME CVE-2003-0107 COMMAND CVE-2003-0107)
     endif()
+
+    set(GH_361_COMMAND ${CMAKE_CROSSCOMPILING_EMULATOR} $<TARGET_FILE:minigzip> -4)
+    add_test(NAME GH-361
+        COMMAND ${CMAKE_COMMAND}
+        "-DCOMMAND=${GH_361_COMMAND}"
+        -DINPUT=${CMAKE_CURRENT_SOURCE_DIR}/test/GH-361/test.txt
+        -P ${CMAKE_CURRENT_SOURCE_DIR}/cmake/run-and-redirect.cmake)
 endif()
 
 FEATURE_SUMMARY(WHAT ALL INCLUDE_QUIET_PACKAGES)
diff --git a/deflate_medium.c b/deflate_medium.c
index 330d255c..c23936ed 100644
--- a/deflate_medium.c
+++ b/deflate_medium.c
@@ -110,6 +110,8 @@ static void insert_match(deflate_state *s, struct match match) {
             } else {
                 functable.insert_string(s, match.strstart, match.orgstart - match.strstart + 1);
             }
+        } else if (match.orgstart < match.strstart + match.match_length) {
+            functable.insert_string(s, match.orgstart, match.strstart + match.match_length - match.orgstart);
         }
         match.strstart += match.match_length;
         match.match_length = 0;
diff --git a/test/GH-361/test.txt b/test/GH-361/test.txt
new file mode 100644
index 00000000..2b102819
--- /dev/null
+++ b/test/GH-361/test.txt
@@ -0,0 +1,4 @@
+.....-.u..|u....-...!..A.#?)9.._B..F..|
+00000650  fa 13 88 89 2c 1f 81 0f  e4 e9 ce 39 a0 87 2e 2e  |....,......9....|
+00000660  a5 0c 08 9c ec fc 88 6d  16 02 0a a0 3d fc 36 29  |.......m....=.6)|
+00000670  8d f5 c3 ba 1d 07 f4 78  e1 a0 41 f9 89 15 a5 69  |.......x..A....
\ No newline at end of file
diff --git a/test/INDEX b/test/INDEX
index f167df87..a1e6b728 100644
--- a/test/INDEX
+++ b/test/INDEX
@@ -5,6 +5,8 @@ CVE-2002-0059  :
 CVE-2004-0797  :
 CVE-2005-1849  :
 CVE-2005-2096  : test cases for the relevant CVEs
+GH-361         : test case for overlapping matches
+                 https://github.com/zlib-ng/zlib-ng/issues/361
 
 testCVEinputs.sh: script to run tests for CVEs where input data is supplied
 
diff --git a/test/Makefile.in b/test/Makefile.in
index 4b858f74..caf49496 100644
--- a/test/Makefile.in
+++ b/test/Makefile.in
@@ -14,7 +14,7 @@ COMPATTESTS =
 QEMU_RUN=
 QEMU_VER:=$(shell command -v $(QEMU_RUN) --version 2> /dev/null)
 
-all: oldtests cvetests $(COMPATTESTS) fuzzer
+all: oldtests cvetests $(COMPATTESTS) fuzzer ghtests
 
 oldtests: #set by ../configure
 check_cross_dep:
@@ -96,6 +96,12 @@ CVE-2003-0107.o: $(SRCDIR)/CVE-2003-0107.c
 CVE-2003-0107$(EXE): CVE-2003-0107.o
 	$(CC) $(CFLAGS) -o $@ CVE-2003-0107.o $(TEST_LDFLAGS)
 
+.PHONY: ghtests
+ghtests: testGH-361
+
+.PHONY: testGH-361
+testGH-361:
+	$(QEMU_RUN) ../minigzip$(EXE) -4 <$(SRCDIR)/GH-361/test.txt >/dev/null
 
 clean:
 	rm -f *.o *.gcda *.gcno *.gcov