From unknown Tue Aug 19 12:49:57 2025 X-Loop: help-debbugs@gnu.org Subject: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() Resent-From: Amritpal Singh Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 02 Jun 2023 07:53:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 63832 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: 63832@debbugs.gnu.org X-Debbugs-Original-To: bug-gnu-emacs@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16856923423762 (code B ref -1); Fri, 02 Jun 2023 07:53:02 +0000 Received: (at submit) by debbugs.gnu.org; 2 Jun 2023 07:52:22 +0000 Received: from localhost ([127.0.0.1]:39030 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4za7-0000yT-R1 for submit@debbugs.gnu.org; Fri, 02 Jun 2023 03:52:22 -0400 Received: from lists.gnu.org ([209.51.188.17]:41468) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4yd9-0007j9-Qp for submit@debbugs.gnu.org; Fri, 02 Jun 2023 02:51:26 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q4yd6-0004Wb-QA for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 02:51:21 -0400 Received: from mail-lf1-x12d.google.com ([2a00:1450:4864:20::12d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q4yd4-0007c4-VH for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 02:51:20 -0400 Received: by mail-lf1-x12d.google.com with SMTP id 2adb3069b0e04-4f60a27c4a2so1779408e87.2 for ; Thu, 01 Jun 2023 23:51:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685688677; x=1688280677; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=HOM1mZo2U4ZCcBwBq/Zlug7Ps1g+OYwhaw8lkE+YmWs=; b=G0EzcfEAwV13SCV2tqfBYeCYYIvFb0yrVsrOdcH0Q2Avz73E1pIy3r6BwtScrM0t7G aDO6ihZdUtSe2O4IT2YQ/foufUT/Rt09D4rX/HaFQYwpaKW8tdcoovlorfE8L2y6V8qL bikc+xG80O2LV3uSsHxQdt4Sc48VV7hKecVwij33g0qpVeUUHB9ZtSZjlZ2EnmoW3JtM kcTigCqzbh8yiCVET0NWZ8wkxJxg+u1RBHlRGN27kINKAB+N/OWeFoM8jZwBUrT1lEwV A53DunKhBowK/ItUC9YT0XQg6Wb8j31UIKRYdY2YcdOCMUKSjEkg0+Zo+lEQXGG4FfSo cAvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685688677; x=1688280677; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=HOM1mZo2U4ZCcBwBq/Zlug7Ps1g+OYwhaw8lkE+YmWs=; b=dNC8CgzlanPJhh5tVU8Ca3OOomr1+CzdzuFiP7opHAL7gxih79Hxr0WIaLh3vFP7fq H7g14ci41T/l1hvfrninDPSM4X9+5xsf3bpj4dPVczT2Hiby33g3cW1u+5xsYXBSJC5U RHD4koHS5GcMv+lnH+2GEHa47mMrZqe595CcidD/Lc3p6uAyBrZT7N+nYBR3k84E8y0U 9vxWJQARWr/bKSo24f7QYFHDDPM7BAX0snc8p/yuxOD16iCMTUACrgayEkrWmttLR3+o O2St/vZSu2ukikgttstaKk6Z3kX9p99Nv5smb4FlcnkMf184AEGpQxfEzCgy1pB6gObv 8jqg== X-Gm-Message-State: AC+VfDxGURdKW6xuws0DMzIOasyZoscgqxnyabbHZYMI4jnuolTRVC/P bHbAjuEFjGHaK24UxgG3oyStq3yEzK3Gm3rtuNLKA5tqKuXucg== X-Google-Smtp-Source: ACHHUZ6yNbwlhO9LtZKFaPpgGAW+FOzPr2O5Tv+jgqtRUvlfUtxQUTBkXqBvMqh8NRKz2be/phJ7sViYYPcuA7vqscI= X-Received: by 2002:a05:6512:6c:b0:4e8:5576:98f4 with SMTP id i12-20020a056512006c00b004e8557698f4mr1287085lfo.45.1685688676546; Thu, 01 Jun 2023 23:51:16 -0700 (PDT) MIME-Version: 1.0 From: Amritpal Singh Date: Fri, 2 Jun 2023 12:21:07 +0530 Message-ID: Content-Type: multipart/mixed; boundary="000000000000c48edd05fd1ffa82" Received-SPF: pass client-ip=2a00:1450:4864:20::12d; envelope-from=icy.amrit@gmail.com; helo=mail-lf1-x12d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Mailman-Approved-At: Fri, 02 Jun 2023 03:52:15 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --000000000000c48edd05fd1ffa82 Content-Type: text/plain; charset="UTF-8" Compile emacs with the system's gzip program set to `pigz`. Run emacs and then `M-x eww RET` Expected behavior: Enter URL prompt in mini-buffer Actual behavior: hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' Report: The bug has been reproduced on emacs version 29.0.91 and HEAD which seems to be at 30.0.50. Later, a copy of the aforementioned file was saved somewhere else and the program was uninstalled. Then emacs was recompiled with system's gzip program set to GNU gzip and the initial steps were repeated and the expected behavior was the result. This lead to believing either that there's a bug with how zlib's `inflate()` handles archives or emacs code was having an issue with archives files. The hashes for gz archives generated with different programs were as follows > md5sum gnus-gzip.el.gz edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > md5sum gnus.el.gz 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz And when uncompressing these archives, the resulting file was the same and the hash for the files was the same (omitted for brevity). Now after logging some code in $EMACS_REPO/src/decompress.c, it was learned that in the pigz specific case, `inflate()` was returning Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` or `avail_out` fields are 0. Observing the code in `$EMACS_REPO/src/decompress.c` L154: } while (!stream.avail_out); only checks stream.avail_out and not stream.avail_in which also might have been set to 0. A special case here can be constructed where `avail_in` is 0, and the code keeps looping even though our input buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check for it fixes the bug in pigz's gz archives case and does not cause any issue with gzip archives. A patch with a simple fix is attached below ============================ >From ffa8e140ed8b093c60f1238bf76935e815e82a21 Mon Sep 17 00:00:00 2001 From: icebarf Date: Fri, 2 Jun 2023 10:51:21 +0530 Subject: [PATCH] check stream.avail_in as well when looping to inflate gz archive --- src/decompress.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/decompress.c b/src/decompress.c index 6ef17db..162f616 100644 --- a/src/decompress.c +++ b/src/decompress.c @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock) return -1; accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx); - } while (!stream.avail_out); + } while (stream.avail_in && !stream.avail_out); } while (res != Z_STREAM_END); -- 2.40.1 ========== In GNU Emacs 29.0.91 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.37, cairo version 1.16.0) of 2023-06-02 built on box System Description: KISS Linux Configured using: 'configure --prefix=/usr --enable-link-time-optimization --with-cairo --with-gnutls --with-imagemagick --with-modules --with-native-compilation --with-pgtk --with-jpeg --with-tiff --with-png --with-rsvg --with-webp --without-dbus --without-lcms2 --without-libsystemd --without-gif --without-gconf --without-gsettings --without-m17n-flt --without-selinux --without-x --without-xft --without-xaw3d --without-xim --without-xdbe 'CFLAGS=-O2 -pipe -march=native -mtune=native'' --000000000000c48edd05fd1ffa82 Content-Type: text/x-diff; charset="US-ASCII"; name="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Disposition: attachment; filename="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_lie7i8ws0 RnJvbSBmZmE4ZTE0MGVkOGIwOTNjNjBmMTIzOGJmNzY5MzVlODE1ZTgyYTIxIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBpY2ViYXJmIDxzeXNncmFtbWVyQHByb3Rvbm1haWwuY29tPgpE YXRlOiBGcmksIDIgSnVuIDIwMjMgMTA6NTE6MjEgKzA1MzAKU3ViamVjdDogW1BBVENIXSBjaGVj ayBzdHJlYW0uYXZhaWxfaW4gYXMgd2VsbCB3aGVuIGxvb3BpbmcgdG8gaW5mbGF0ZSBnegogYXJj aGl2ZQoKLS0tCiBzcmMvZGVjb21wcmVzcy5jIHwgMiArLQogMSBmaWxlIGNoYW5nZWQsIDEgaW5z ZXJ0aW9uKCspLCAxIGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEvc3JjL2RlY29tcHJlc3MuYyBi L3NyYy9kZWNvbXByZXNzLmMKaW5kZXggNmVmMTdkYi4uMTYyZjYxNiAxMDA2NDQKLS0tIGEvc3Jj L2RlY29tcHJlc3MuYworKysgYi9zcmMvZGVjb21wcmVzcy5jCkBAIC0xNTEsNyArMTUxLDcgQEAg bWQ1X2d6X3N0cmVhbSAoRklMRSAqc291cmNlLCB2b2lkICpyZXNibG9jaykKIAlyZXR1cm4gLTE7 CiAKICAgICAgIGFjY3VtdWxhdGVfYW5kX3Byb2Nlc3NfbWQ1IChvdXQsIE1ENV9CTE9DS1NJWkUg LSBzdHJlYW0uYXZhaWxfb3V0LCAmY3R4KTsKLSAgICB9IHdoaWxlICghc3RyZWFtLmF2YWlsX291 dCk7CisgICAgfSB3aGlsZSAoc3RyZWFtLmF2YWlsX2luICYmICFzdHJlYW0uYXZhaWxfb3V0KTsK IAogICB9IHdoaWxlIChyZXMgIT0gWl9TVFJFQU1fRU5EKTsKIAotLSAKMi40MC4xCgo= --000000000000c48edd05fd1ffa82-- From unknown Tue Aug 19 12:49:57 2025 X-Loop: help-debbugs@gnu.org Subject: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Fri, 02 Jun 2023 12:05:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 63832 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: To: Amritpal Singh Cc: 63832@debbugs.gnu.org Received: via spool by 63832-submit@debbugs.gnu.org id=B63832.16857074527306 (code B ref 63832); Fri, 02 Jun 2023 12:05:01 +0000 Received: (at 63832) by debbugs.gnu.org; 2 Jun 2023 12:04:12 +0000 Received: from localhost ([127.0.0.1]:39208 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q53Vs-0001tl-CH for submit@debbugs.gnu.org; Fri, 02 Jun 2023 08:04:12 -0400 Received: from eggs.gnu.org ([209.51.188.92]:38002) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q53Vp-0001tT-6O; Fri, 02 Jun 2023 08:04:11 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q53Vj-0002bf-Ss; Fri, 02 Jun 2023 08:04:03 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=+10zRigs0aLG2cpE6NABdq9YlJU52SkfK4XDdUaUdOw=; b=Y25hUMUO7H1x esXKJ4kj5rm6Zj1x/3e3bmFfLUWpj3zqLJ7yLh4wRA/zrr+cToFOh9NyXjm9EuQg9mknVF/Jp/pwj KxXYaNK/Byx1aPh2OQhNIl3xIFMfdhHqQN3QjhBWwb3f2OHiwdriiJxa1hU/7cVwkv/eQOt9ZZMRg B6QKfaK31BPJyyBgSzshbmtYZPsAt2OUzM6w1guFKhF1QK/To1Lfvl9lhCxwEmrlWuRW+GAvpZpU6 j6lSx4GdWyGAWdLfsoTE9lhNK3zK8yrJRPjncxcYM4qhGAwIF2jgHiILab+e7dV9Ig4XmOdkHxUMS BSEnvh7BYi2dRdC7dBUdeQ==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q53Vj-0003T0-CZ; Fri, 02 Jun 2023 08:04:03 -0400 Date: Fri, 02 Jun 2023 15:04:50 +0300 Message-Id: <83h6rqax3x.fsf@gnu.org> From: Eli Zaretskii In-Reply-To: (message from Amritpal Singh on Fri, 2 Jun 2023 12:21:07 +0530) References: X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) merge 63832 63831 thanks > From: Amritpal Singh > Date: Fri, 2 Jun 2023 12:21:07 +0530 > > Compile emacs with the system's gzip program set to `pigz`. > Run emacs and then `M-x eww RET` > > Expected behavior: > Enter URL prompt in mini-buffer > > Actual behavior: > hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' > > Report: > The bug has been reproduced on emacs version 29.0.91 and HEAD which > seems to be at 30.0.50. > Later, a copy of the aforementioned file was saved somewhere else and > the program was uninstalled. Then emacs was recompiled with system's > gzip program set to GNU gzip and the initial steps were repeated and > the expected behavior was the result. > This lead to believing either that there's a bug with how zlib's > `inflate()` handles archives or emacs code was having an issue with > archives files. > > The hashes for gz archives generated with different programs were as follows > > md5sum gnus-gzip.el.gz > edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > > md5sum gnus.el.gz > 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz > > And when uncompressing these archives, the resulting file was the same > and the hash for the files was the same (omitted for brevity). > > Now after logging some code in $EMACS_REPO/src/decompress.c, it was > learned that in the pigz specific case, `inflate()` was returning > Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` > or `avail_out` fields are 0. > > Observing the code in `$EMACS_REPO/src/decompress.c` > L154: > } while (!stream.avail_out); > only checks stream.avail_out and not stream.avail_in which also might > have been set to 0. A special case here can be constructed where > `avail_in` is 0, and the code keeps looping even though our input > buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check > for it fixes the bug in pigz's gz archives case and does not cause any > issue with gzip archives. > > A patch with a simple fix is attached below > > ============================ > > >From ffa8e140ed8b093c60f1238bf76935e815e82a21 Mon Sep 17 00:00:00 2001 > From: icebarf > Date: Fri, 2 Jun 2023 10:51:21 +0530 > Subject: [PATCH] check stream.avail_in as well when looping to inflate gz > archive > > --- > src/decompress.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/decompress.c b/src/decompress.c > index 6ef17db..162f616 100644 > --- a/src/decompress.c > +++ b/src/decompress.c > @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock) > return -1; > > accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx); > - } while (!stream.avail_out); > + } while (stream.avail_in && !stream.avail_out); > > } while (res != Z_STREAM_END); > > -- > 2.40.1 > > ========== > > In GNU Emacs 29.0.91 (build 1, x86_64-pc-linux-gnu, GTK+ Version > 3.24.37, cairo version 1.16.0) of 2023-06-02 built on box > System Description: KISS Linux > > Configured using: > 'configure --prefix=/usr --enable-link-time-optimization --with-cairo > --with-gnutls --with-imagemagick --with-modules > --with-native-compilation --with-pgtk --with-jpeg --with-tiff > --with-png --with-rsvg --with-webp --without-dbus --without-lcms2 > --without-libsystemd --without-gif --without-gconf --without-gsettings > --without-m17n-flt --without-selinux --without-x --without-xft > --without-xaw3d --without-xim --without-xdbe 'CFLAGS=-O2 -pipe > -march=native -mtune=native'' This is a duplicate of bug#63831; merged. From debbugs-submit-bounces@debbugs.gnu.org Fri Jun 02 11:34:44 2023 Received: (at control) by debbugs.gnu.org; 2 Jun 2023 15:34:44 +0000 Received: from localhost ([127.0.0.1]:40694 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q56nc-0001qT-Ar for submit@debbugs.gnu.org; Fri, 02 Jun 2023 11:34:44 -0400 Received: from eggs.gnu.org ([209.51.188.92]:39774) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q56nY-0001q7-56; Fri, 02 Jun 2023 11:34:42 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q56nS-0002mE-OD; Fri, 02 Jun 2023 11:34:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-version:References:Subject:In-Reply-To:To:From: Date; bh=8GqwIacCvj1TQms1WFbQ112jrvrYQk4YPyIenP7VuEM=; b=hyuhMfbYMjKdqvq7nlTH hWjN+vIqO4ZiFnMlZos45eaVKAE6OpgRhKaq6EU2F1fJg1Uzljuoh2dCrUZXkfq/lMb6PFToqY9Pe wOL5oSRx75mFZ5Cmy+uEPidGIcMLQwa0thS9nhP2gg2i7J6uYBqapl94nIIcyROy0BesR5KG7oYPo yVtf7w4md5/XO+AoRofYjYsK8y+i/HRClPJeysQcxLxQfpr+vE5vSQR+eBsrH6LWqPlgs7qpJ8eoB iRLDPNevlk/YcPxQsa1me8fuPA1o52sdTxq9R/B4IR6pozBL5eCUjveUYn6FR7L7FOMT3uplL2A5G BFiLo0v/I5fnbQ==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q56nO-0001YB-6n; Fri, 02 Jun 2023 11:34:34 -0400 Date: Fri, 02 Jun 2023 18:35:18 +0300 Message-Id: <83sfb9and5.fsf@gnu.org> From: Eli Zaretskii To: cortexauth In-Reply-To: (message from cortexauth on Fri, 2 Jun 2023 16:44:25 +0530) Subject: Re: bug#63848: [PATCH] Incorrect usage of inflate() from zlib in decompress.c References: MIME-version: 1.0 Content-type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: control Cc: 63848@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) merge 63848 63832 thanks > Date: Fri, 2 Jun 2023 16:44:25 +0530 > From: cortexauth > > While building Emacs one of my friends encountered a bug where entering certain commands such as > `M-x eww RET` > After some digging in, we found this was because of Z_BUF_ERROR arising in decompress.c:150 > > Per the docs (inflate (linuxbase.org)) this happens when either of in or out buffer runs out and there is > no further possible progress > > The code makes a wrong assumption that IF `stream.avail_out` is zero, we can keep on inflating. It’s > possible for `stream.avail_in` and `stream.avail_out` to be both zero at the same time (I don’t have a > minimalistic test case for this yet, but I am sure that one can construct this with some thought) > > Following is the patch for the fix > > -- > --- a/src/decompress.c > > +++ b/src/decompress.c > > @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock) > > return -1; > > > > accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx); > > - } while (stream.avail_in && !stream.avail_out); > > + } while (!stream.avail_out); > > > > } while (res != Z_STREAM_END); > -- > > This is also my first time contributing so I might have made mistakes in making a good patch (one is > obviously my incapability to quickly think of minimal test case), so I will appreciate suggestions Another duplicate of bug#63832. From unknown Tue Aug 19 12:49:57 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Amritpal Singh Subject: bug#63832: closed (Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate()) Message-ID: References: <83cz262ssw.fsf@gnu.org> X-Gnu-PR-Message: they-closed 63832 X-Gnu-PR-Package: emacs X-Gnu-PR-Keywords: patch Reply-To: 63832@debbugs.gnu.org Date: Thu, 08 Jun 2023 09:44:01 +0000 Content-Type: multipart/mixed; boundary="----------=_1686217441-30150-1" This is a multi-part message in MIME format... ------------=_1686217441-30150-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #63832: fix failed inflation of .el.gz archives due to passing empty buffer= to inflate() which was filed against the emacs package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 63832@debbugs.gnu.org. --=20 63832: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D63832 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1686217441-30150-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 63832-done) by debbugs.gnu.org; 8 Jun 2023 09:43:15 +0000 Received: from localhost ([127.0.0.1]:55701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAk-0007pB-SN for submit@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:15 -0400 Received: from eggs.gnu.org ([209.51.188.92]:41212) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAi-0007ow-Hq for 63832-done@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:13 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAd-0003NM-AV; Thu, 08 Jun 2023 05:43:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=HLYdgrZYQZvirXubNaLxv7yyj1UFPpdYGHQ4T7Iqcuk=; b=KDh7Vg8vCMD6 Vn/fJzT9OCeOLiuXObhUoQVQvnL+5Q97bRU6BjDVjUt83/FLdV2Go1snmHBL0PsJl7eWj/jNZFXYg nIrtLb3kR+zVtuG86YzKp53rWh+vs1n9vYB3+xknbG9Dr4D7UTmptlYkRaiRitCH9dnxwi0fWGkzQ AtletrzcdyHCSBHb0NbSe1UowqdPYlA+Ogl7KVNY/M54UQEFYyttVXM703oRJwQmy4kXppzCdZslu Q2Iz3v1nkgo6bbaVdJ+4435duziFALyF4kLsjqs+cBQ4lyhgigoAN8cilwU69yS5ti62vq34pi5tv gWfB/0ULCiVnMgmHUMOdUg==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAc-0003Uq-QM; Thu, 08 Jun 2023 05:43:07 -0400 Date: Thu, 08 Jun 2023 12:43:11 +0300 Message-Id: <83cz262ssw.fsf@gnu.org> From: Eli Zaretskii To: Amritpal Singh In-Reply-To: (message from Amritpal Singh on Fri, 2 Jun 2023 12:21:07 +0530) Subject: Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() References: X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63832-done Cc: 63832-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Amritpal Singh > Date: Fri, 2 Jun 2023 12:21:07 +0530 > > Compile emacs with the system's gzip program set to `pigz`. > Run emacs and then `M-x eww RET` > > Expected behavior: > Enter URL prompt in mini-buffer > > Actual behavior: > hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' > > Report: > The bug has been reproduced on emacs version 29.0.91 and HEAD which > seems to be at 30.0.50. > Later, a copy of the aforementioned file was saved somewhere else and > the program was uninstalled. Then emacs was recompiled with system's > gzip program set to GNU gzip and the initial steps were repeated and > the expected behavior was the result. > This lead to believing either that there's a bug with how zlib's > `inflate()` handles archives or emacs code was having an issue with > archives files. > > The hashes for gz archives generated with different programs were as follows > > md5sum gnus-gzip.el.gz > edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > > md5sum gnus.el.gz > 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz > > And when uncompressing these archives, the resulting file was the same > and the hash for the files was the same (omitted for brevity). > > Now after logging some code in $EMACS_REPO/src/decompress.c, it was > learned that in the pigz specific case, `inflate()` was returning > Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` > or `avail_out` fields are 0. > > Observing the code in `$EMACS_REPO/src/decompress.c` > L154: > } while (!stream.avail_out); > only checks stream.avail_out and not stream.avail_in which also might > have been set to 0. A special case here can be constructed where > `avail_in` is 0, and the code keeps looping even though our input > buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check > for it fixes the bug in pigz's gz archives case and does not cause any > issue with gzip archives. > > A patch with a simple fix is attached below Thanks, installed on the master branch, and closing the bug. ------------=_1686217441-30150-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 2 Jun 2023 07:52:22 +0000 Received: from localhost ([127.0.0.1]:39030 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4za7-0000yT-R1 for submit@debbugs.gnu.org; Fri, 02 Jun 2023 03:52:22 -0400 Received: from lists.gnu.org ([209.51.188.17]:41468) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4yd9-0007j9-Qp for submit@debbugs.gnu.org; Fri, 02 Jun 2023 02:51:26 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q4yd6-0004Wb-QA for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 02:51:21 -0400 Received: from mail-lf1-x12d.google.com ([2a00:1450:4864:20::12d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q4yd4-0007c4-VH for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 02:51:20 -0400 Received: by mail-lf1-x12d.google.com with SMTP id 2adb3069b0e04-4f60a27c4a2so1779408e87.2 for ; Thu, 01 Jun 2023 23:51:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685688677; x=1688280677; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=HOM1mZo2U4ZCcBwBq/Zlug7Ps1g+OYwhaw8lkE+YmWs=; b=G0EzcfEAwV13SCV2tqfBYeCYYIvFb0yrVsrOdcH0Q2Avz73E1pIy3r6BwtScrM0t7G aDO6ihZdUtSe2O4IT2YQ/foufUT/Rt09D4rX/HaFQYwpaKW8tdcoovlorfE8L2y6V8qL bikc+xG80O2LV3uSsHxQdt4Sc48VV7hKecVwij33g0qpVeUUHB9ZtSZjlZ2EnmoW3JtM kcTigCqzbh8yiCVET0NWZ8wkxJxg+u1RBHlRGN27kINKAB+N/OWeFoM8jZwBUrT1lEwV A53DunKhBowK/ItUC9YT0XQg6Wb8j31UIKRYdY2YcdOCMUKSjEkg0+Zo+lEQXGG4FfSo cAvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685688677; x=1688280677; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=HOM1mZo2U4ZCcBwBq/Zlug7Ps1g+OYwhaw8lkE+YmWs=; b=dNC8CgzlanPJhh5tVU8Ca3OOomr1+CzdzuFiP7opHAL7gxih79Hxr0WIaLh3vFP7fq H7g14ci41T/l1hvfrninDPSM4X9+5xsf3bpj4dPVczT2Hiby33g3cW1u+5xsYXBSJC5U RHD4koHS5GcMv+lnH+2GEHa47mMrZqe595CcidD/Lc3p6uAyBrZT7N+nYBR3k84E8y0U 9vxWJQARWr/bKSo24f7QYFHDDPM7BAX0snc8p/yuxOD16iCMTUACrgayEkrWmttLR3+o O2St/vZSu2ukikgttstaKk6Z3kX9p99Nv5smb4FlcnkMf184AEGpQxfEzCgy1pB6gObv 8jqg== X-Gm-Message-State: AC+VfDxGURdKW6xuws0DMzIOasyZoscgqxnyabbHZYMI4jnuolTRVC/P bHbAjuEFjGHaK24UxgG3oyStq3yEzK3Gm3rtuNLKA5tqKuXucg== X-Google-Smtp-Source: ACHHUZ6yNbwlhO9LtZKFaPpgGAW+FOzPr2O5Tv+jgqtRUvlfUtxQUTBkXqBvMqh8NRKz2be/phJ7sViYYPcuA7vqscI= X-Received: by 2002:a05:6512:6c:b0:4e8:5576:98f4 with SMTP id i12-20020a056512006c00b004e8557698f4mr1287085lfo.45.1685688676546; Thu, 01 Jun 2023 23:51:16 -0700 (PDT) MIME-Version: 1.0 From: Amritpal Singh Date: Fri, 2 Jun 2023 12:21:07 +0530 Message-ID: Subject: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() To: bug-gnu-emacs@gnu.org Content-Type: multipart/mixed; boundary="000000000000c48edd05fd1ffa82" Received-SPF: pass client-ip=2a00:1450:4864:20::12d; envelope-from=icy.amrit@gmail.com; helo=mail-lf1-x12d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Fri, 02 Jun 2023 03:52:15 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --000000000000c48edd05fd1ffa82 Content-Type: text/plain; charset="UTF-8" Compile emacs with the system's gzip program set to `pigz`. Run emacs and then `M-x eww RET` Expected behavior: Enter URL prompt in mini-buffer Actual behavior: hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' Report: The bug has been reproduced on emacs version 29.0.91 and HEAD which seems to be at 30.0.50. Later, a copy of the aforementioned file was saved somewhere else and the program was uninstalled. Then emacs was recompiled with system's gzip program set to GNU gzip and the initial steps were repeated and the expected behavior was the result. This lead to believing either that there's a bug with how zlib's `inflate()` handles archives or emacs code was having an issue with archives files. The hashes for gz archives generated with different programs were as follows > md5sum gnus-gzip.el.gz edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > md5sum gnus.el.gz 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz And when uncompressing these archives, the resulting file was the same and the hash for the files was the same (omitted for brevity). Now after logging some code in $EMACS_REPO/src/decompress.c, it was learned that in the pigz specific case, `inflate()` was returning Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` or `avail_out` fields are 0. Observing the code in `$EMACS_REPO/src/decompress.c` L154: } while (!stream.avail_out); only checks stream.avail_out and not stream.avail_in which also might have been set to 0. A special case here can be constructed where `avail_in` is 0, and the code keeps looping even though our input buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check for it fixes the bug in pigz's gz archives case and does not cause any issue with gzip archives. A patch with a simple fix is attached below ============================ >From ffa8e140ed8b093c60f1238bf76935e815e82a21 Mon Sep 17 00:00:00 2001 From: icebarf Date: Fri, 2 Jun 2023 10:51:21 +0530 Subject: [PATCH] check stream.avail_in as well when looping to inflate gz archive --- src/decompress.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/decompress.c b/src/decompress.c index 6ef17db..162f616 100644 --- a/src/decompress.c +++ b/src/decompress.c @@ -151,7 +151,7 @@ md5_gz_stream (FILE *source, void *resblock) return -1; accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stream.avail_out, &ctx); - } while (!stream.avail_out); + } while (stream.avail_in && !stream.avail_out); } while (res != Z_STREAM_END); -- 2.40.1 ========== In GNU Emacs 29.0.91 (build 1, x86_64-pc-linux-gnu, GTK+ Version 3.24.37, cairo version 1.16.0) of 2023-06-02 built on box System Description: KISS Linux Configured using: 'configure --prefix=/usr --enable-link-time-optimization --with-cairo --with-gnutls --with-imagemagick --with-modules --with-native-compilation --with-pgtk --with-jpeg --with-tiff --with-png --with-rsvg --with-webp --without-dbus --without-lcms2 --without-libsystemd --without-gif --without-gconf --without-gsettings --without-m17n-flt --without-selinux --without-x --without-xft --without-xaw3d --without-xim --without-xdbe 'CFLAGS=-O2 -pipe -march=native -mtune=native'' --000000000000c48edd05fd1ffa82 Content-Type: text/x-diff; charset="US-ASCII"; name="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Disposition: attachment; filename="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_lie7i8ws0 RnJvbSBmZmE4ZTE0MGVkOGIwOTNjNjBmMTIzOGJmNzY5MzVlODE1ZTgyYTIxIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBpY2ViYXJmIDxzeXNncmFtbWVyQHByb3Rvbm1haWwuY29tPgpE YXRlOiBGcmksIDIgSnVuIDIwMjMgMTA6NTE6MjEgKzA1MzAKU3ViamVjdDogW1BBVENIXSBjaGVj ayBzdHJlYW0uYXZhaWxfaW4gYXMgd2VsbCB3aGVuIGxvb3BpbmcgdG8gaW5mbGF0ZSBnegogYXJj aGl2ZQoKLS0tCiBzcmMvZGVjb21wcmVzcy5jIHwgMiArLQogMSBmaWxlIGNoYW5nZWQsIDEgaW5z ZXJ0aW9uKCspLCAxIGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEvc3JjL2RlY29tcHJlc3MuYyBi L3NyYy9kZWNvbXByZXNzLmMKaW5kZXggNmVmMTdkYi4uMTYyZjYxNiAxMDA2NDQKLS0tIGEvc3Jj L2RlY29tcHJlc3MuYworKysgYi9zcmMvZGVjb21wcmVzcy5jCkBAIC0xNTEsNyArMTUxLDcgQEAg bWQ1X2d6X3N0cmVhbSAoRklMRSAqc291cmNlLCB2b2lkICpyZXNibG9jaykKIAlyZXR1cm4gLTE7 CiAKICAgICAgIGFjY3VtdWxhdGVfYW5kX3Byb2Nlc3NfbWQ1IChvdXQsIE1ENV9CTE9DS1NJWkUg LSBzdHJlYW0uYXZhaWxfb3V0LCAmY3R4KTsKLSAgICB9IHdoaWxlICghc3RyZWFtLmF2YWlsX291 dCk7CisgICAgfSB3aGlsZSAoc3RyZWFtLmF2YWlsX2luICYmICFzdHJlYW0uYXZhaWxfb3V0KTsK IAogICB9IHdoaWxlIChyZXMgIT0gWl9TVFJFQU1fRU5EKTsKIAotLSAKMi40MC4xCgo= --000000000000c48edd05fd1ffa82-- ------------=_1686217441-30150-1-- From unknown Tue Aug 19 12:49:57 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Amritpal Singh Subject: bug#63831: closed (Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate()) Message-ID: References: <83cz262ssw.fsf@gnu.org> X-Gnu-PR-Message: they-closed 63831 X-Gnu-PR-Package: emacs X-Gnu-PR-Keywords: patch Reply-To: 63831@debbugs.gnu.org Date: Thu, 08 Jun 2023 09:44:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1686217442-30150-3" This is a multi-part message in MIME format... ------------=_1686217442-30150-3 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #63832: fix bug with failed inflation of .el.gz files in src/decompress.c which was filed against the emacs package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 63831@debbugs.gnu.org. --=20 63832: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D63832 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1686217442-30150-3 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 63832-done) by debbugs.gnu.org; 8 Jun 2023 09:43:15 +0000 Received: from localhost ([127.0.0.1]:55701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAk-0007pB-SN for submit@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:15 -0400 Received: from eggs.gnu.org ([209.51.188.92]:41212) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAi-0007ow-Hq for 63832-done@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:13 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAd-0003NM-AV; Thu, 08 Jun 2023 05:43:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=HLYdgrZYQZvirXubNaLxv7yyj1UFPpdYGHQ4T7Iqcuk=; b=KDh7Vg8vCMD6 Vn/fJzT9OCeOLiuXObhUoQVQvnL+5Q97bRU6BjDVjUt83/FLdV2Go1snmHBL0PsJl7eWj/jNZFXYg nIrtLb3kR+zVtuG86YzKp53rWh+vs1n9vYB3+xknbG9Dr4D7UTmptlYkRaiRitCH9dnxwi0fWGkzQ AtletrzcdyHCSBHb0NbSe1UowqdPYlA+Ogl7KVNY/M54UQEFYyttVXM703oRJwQmy4kXppzCdZslu Q2Iz3v1nkgo6bbaVdJ+4435duziFALyF4kLsjqs+cBQ4lyhgigoAN8cilwU69yS5ti62vq34pi5tv gWfB/0ULCiVnMgmHUMOdUg==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAc-0003Uq-QM; Thu, 08 Jun 2023 05:43:07 -0400 Date: Thu, 08 Jun 2023 12:43:11 +0300 Message-Id: <83cz262ssw.fsf@gnu.org> From: Eli Zaretskii To: Amritpal Singh In-Reply-To: (message from Amritpal Singh on Fri, 2 Jun 2023 12:21:07 +0530) Subject: Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() References: X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63832-done Cc: 63832-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Amritpal Singh > Date: Fri, 2 Jun 2023 12:21:07 +0530 > > Compile emacs with the system's gzip program set to `pigz`. > Run emacs and then `M-x eww RET` > > Expected behavior: > Enter URL prompt in mini-buffer > > Actual behavior: > hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' > > Report: > The bug has been reproduced on emacs version 29.0.91 and HEAD which > seems to be at 30.0.50. > Later, a copy of the aforementioned file was saved somewhere else and > the program was uninstalled. Then emacs was recompiled with system's > gzip program set to GNU gzip and the initial steps were repeated and > the expected behavior was the result. > This lead to believing either that there's a bug with how zlib's > `inflate()` handles archives or emacs code was having an issue with > archives files. > > The hashes for gz archives generated with different programs were as follows > > md5sum gnus-gzip.el.gz > edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > > md5sum gnus.el.gz > 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz > > And when uncompressing these archives, the resulting file was the same > and the hash for the files was the same (omitted for brevity). > > Now after logging some code in $EMACS_REPO/src/decompress.c, it was > learned that in the pigz specific case, `inflate()` was returning > Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` > or `avail_out` fields are 0. > > Observing the code in `$EMACS_REPO/src/decompress.c` > L154: > } while (!stream.avail_out); > only checks stream.avail_out and not stream.avail_in which also might > have been set to 0. A special case here can be constructed where > `avail_in` is 0, and the code keeps looping even though our input > buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check > for it fixes the bug in pigz's gz archives case and does not cause any > issue with gzip archives. > > A patch with a simple fix is attached below Thanks, installed on the master branch, and closing the bug. ------------=_1686217442-30150-3 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 2 Jun 2023 07:52:19 +0000 Received: from localhost ([127.0.0.1]:39028 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4za5-0000yO-55 for submit@debbugs.gnu.org; Fri, 02 Jun 2023 03:52:19 -0400 Received: from lists.gnu.org ([209.51.188.17]:35798) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q4xVs-0005ir-Sb for submit@debbugs.gnu.org; Fri, 02 Jun 2023 01:39:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q4xVs-00071d-L9 for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 01:39:48 -0400 Received: from mail-lf1-x12d.google.com ([2a00:1450:4864:20::12d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q4xVr-0001gx-1I for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 01:39:48 -0400 Received: by mail-lf1-x12d.google.com with SMTP id 2adb3069b0e04-4f004cc54f4so2223468e87.3 for ; Thu, 01 Jun 2023 22:39:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685684384; x=1688276384; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=JjOeClnpJTAgoR/ffvaetzfqhCKpKaZRpK8ZPuoeZxE=; b=QsXsjKJbXqpBqmJgxLRudiBdAn2D2dUFXDluegv3v90zyqv2azQ+uvzQXOrZtUAyjV 1yAYfM85MdjLWUl6+/nu5CRKV8yOerz0cNP2yqiLv0WPPP+tl+AyOwEuLmmt54UNtewn 48PlQAiwbDSDIPN1Muw3d7Hf26O5l9PhyK9ouGTILUip3vIOnYmNQgEYox0NJ4RIQjes IlDUplembW3qI8oha5ulRTDyhg8PWNaZCUl4TmXJ/tmnSq/X4AKzRMMMMh3/ZDA55srN 09IIODDTDvLBxrJgPHkN+DHidY0Tc4bjIjY/Mw9fBiPrMfrz9uCaqfzkukq9JwMdnOFx dtHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685684384; x=1688276384; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=JjOeClnpJTAgoR/ffvaetzfqhCKpKaZRpK8ZPuoeZxE=; b=U7YKPEU+OqHxeBSgr1qj4oAnbG5dNy4MwPaju85XzJ2c7Mz9DCix5/k6lzQuId9whI i/2eNcm7izi0OC4bCU0q4XkP7xe+msu4Hp6GrNx/yXUPSn1VRKb+MvRZ/Ol2Gay/y4u0 UaVxUDbylSRrgHWJmoZvHR53hPJKLnbgM/l67+8Ymog+KUF4bUNlipHcC6ABbgJRJ0T5 rZWu+0EuJdQmRh/iyf3xSPOIT7dGaqhtBjMM2WH+S7VT/BeBlq7eh4kDy4wm+VuHpA5Q YMHERGjYcxPDjd/PVk92HkSyx8ucsfpkidrRKAg6c9ebZsk1wlGNuHd3ohR1+JsJ+h0d rMBA== X-Gm-Message-State: AC+VfDyihmMWJPcmW/97GBE41OfvF+6uYm1dfWUSbwqgmw4VFR9CzBEb sr6JEKF6jis6MN+dKdy0TxMX/OSdCX1vYwKjkCWgx8kZ8srKhw== X-Google-Smtp-Source: ACHHUZ48QkygmT+rb0iaKnvZhoaBJ2FTwwdoEf7dZQZjR2MpZO9J9XnXVvNmNqOE/mlTZ72cjNju//z7pJSnzcvG8/E= X-Received: by 2002:ac2:4896:0:b0:4f4:cda3:8c99 with SMTP id x22-20020ac24896000000b004f4cda38c99mr1119973lfc.42.1685684384150; Thu, 01 Jun 2023 22:39:44 -0700 (PDT) MIME-Version: 1.0 From: Amritpal Singh Date: Fri, 2 Jun 2023 11:09:35 +0530 Message-ID: Subject: fix bug with failed inflation of .el.gz files in src/decompress.c To: bug-gnu-emacs@gnu.org Content-Type: multipart/mixed; boundary="000000000000ebea4205fd1efa18" Received-SPF: pass client-ip=2a00:1450:4864:20::12d; envelope-from=icy.amrit@gmail.com; helo=mail-lf1-x12d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Fri, 02 Jun 2023 03:52:15 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.3 (--) --000000000000ebea4205fd1efa18 Content-Type: text/plain; charset="UTF-8" Bug Report: Compile emacs with system's gzip program set to `pigz`. Run emacs and then `M-x eww RET` Expected behavior: Enter URL prompt in mini-buffer Actual behavior: hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' Report: The bug has been reproduced on emacs version 29.0.91 and HEAD which seems to be at 30.0.50. Later, a copy of the aforementioned file was saved somewhere else and the program was uninstalled. Then emacs was recompiled with system's gzip program set to GNU gzip and the initial steps were repeated and the expected behavior was the result. This lead to believing either that there's a bug with how zlib's `inflate()` handles archives or emacs code was having an issue with archives files. The hashes for gz archives generated with different programs were as follows > md5sum gnus-gzip.el.gz edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > md5sum gnus.el.gz 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz And when uncompressing these archives, the resulting file was the same and the hash for the files was the same (omitted for brevity). Now after logging some code in $EMACS_REPO/src/decompress.c, it was learned that in the pigz specific case, `inflate()` was returning Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` or `avail_out` fields are 0. Observing the code in `$EMACS_REPO/src/decompress.c` L154: } while (!stream.avail_out); only checks stream.avail_out and not stream.avail_in which also might have been set to 0. A special case here can be constructed where `avail_in` is 0, and the code keeps looping even though our input buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check for it fixes the bug in pigz's gz archives case and does not cause any issue with gzip archives. A simple patch with a fix is attached below, I would also like to thank a friend of mine cortexauth whom also helped during my debug sessions. --000000000000ebea4205fd1efa18 Content-Type: text/x-diff; charset="US-ASCII"; name="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Disposition: attachment; filename="0001-check-stream.avail_in-as-well-when-looping-to-inflat.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_lie4y7190 RnJvbSBmZmE4ZTE0MGVkOGIwOTNjNjBmMTIzOGJmNzY5MzVlODE1ZTgyYTIxIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBpY2ViYXJmIDxzeXNncmFtbWVyQHByb3Rvbm1haWwuY29tPgpE YXRlOiBGcmksIDIgSnVuIDIwMjMgMTA6NTE6MjEgKzA1MzAKU3ViamVjdDogW1BBVENIXSBjaGVj ayBzdHJlYW0uYXZhaWxfaW4gYXMgd2VsbCB3aGVuIGxvb3BpbmcgdG8gaW5mbGF0ZSBnegogYXJj aGl2ZQoKLS0tCiBzcmMvZGVjb21wcmVzcy5jIHwgMiArLQogMSBmaWxlIGNoYW5nZWQsIDEgaW5z ZXJ0aW9uKCspLCAxIGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEvc3JjL2RlY29tcHJlc3MuYyBi L3NyYy9kZWNvbXByZXNzLmMKaW5kZXggNmVmMTdkYi4uMTYyZjYxNiAxMDA2NDQKLS0tIGEvc3Jj L2RlY29tcHJlc3MuYworKysgYi9zcmMvZGVjb21wcmVzcy5jCkBAIC0xNTEsNyArMTUxLDcgQEAg bWQ1X2d6X3N0cmVhbSAoRklMRSAqc291cmNlLCB2b2lkICpyZXNibG9jaykKIAlyZXR1cm4gLTE7 CiAKICAgICAgIGFjY3VtdWxhdGVfYW5kX3Byb2Nlc3NfbWQ1IChvdXQsIE1ENV9CTE9DS1NJWkUg LSBzdHJlYW0uYXZhaWxfb3V0LCAmY3R4KTsKLSAgICB9IHdoaWxlICghc3RyZWFtLmF2YWlsX291 dCk7CisgICAgfSB3aGlsZSAoc3RyZWFtLmF2YWlsX2luICYmICFzdHJlYW0uYXZhaWxfb3V0KTsK IAogICB9IHdoaWxlIChyZXMgIT0gWl9TVFJFQU1fRU5EKTsKIAotLSAKMi40MC4xCgo= --000000000000ebea4205fd1efa18-- ------------=_1686217442-30150-3-- From unknown Tue Aug 19 12:49:57 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: cortexauth Subject: bug#63848: closed (Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate()) Message-ID: References: <83cz262ssw.fsf@gnu.org> X-Gnu-PR-Message: they-closed 63848 X-Gnu-PR-Package: emacs X-Gnu-PR-Keywords: patch Reply-To: 63848@debbugs.gnu.org Date: Thu, 08 Jun 2023 09:44:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1686217442-30150-5" This is a multi-part message in MIME format... ------------=_1686217442-30150-5 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #63832: [PATCH] Incorrect usage of inflate() from zlib in decompress.c which was filed against the emacs package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 63848@debbugs.gnu.org. --=20 63832: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D63832 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1686217442-30150-5 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 63832-done) by debbugs.gnu.org; 8 Jun 2023 09:43:15 +0000 Received: from localhost ([127.0.0.1]:55701 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAk-0007pB-SN for submit@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:15 -0400 Received: from eggs.gnu.org ([209.51.188.92]:41212) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q7CAi-0007ow-Hq for 63832-done@debbugs.gnu.org; Thu, 08 Jun 2023 05:43:13 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAd-0003NM-AV; Thu, 08 Jun 2023 05:43:07 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=HLYdgrZYQZvirXubNaLxv7yyj1UFPpdYGHQ4T7Iqcuk=; b=KDh7Vg8vCMD6 Vn/fJzT9OCeOLiuXObhUoQVQvnL+5Q97bRU6BjDVjUt83/FLdV2Go1snmHBL0PsJl7eWj/jNZFXYg nIrtLb3kR+zVtuG86YzKp53rWh+vs1n9vYB3+xknbG9Dr4D7UTmptlYkRaiRitCH9dnxwi0fWGkzQ AtletrzcdyHCSBHb0NbSe1UowqdPYlA+Ogl7KVNY/M54UQEFYyttVXM703oRJwQmy4kXppzCdZslu Q2Iz3v1nkgo6bbaVdJ+4435duziFALyF4kLsjqs+cBQ4lyhgigoAN8cilwU69yS5ti62vq34pi5tv gWfB/0ULCiVnMgmHUMOdUg==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q7CAc-0003Uq-QM; Thu, 08 Jun 2023 05:43:07 -0400 Date: Thu, 08 Jun 2023 12:43:11 +0300 Message-Id: <83cz262ssw.fsf@gnu.org> From: Eli Zaretskii To: Amritpal Singh In-Reply-To: (message from Amritpal Singh on Fri, 2 Jun 2023 12:21:07 +0530) Subject: Re: bug#63832: fix failed inflation of .el.gz archives due to passing empty buffer to inflate() References: X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 63832-done Cc: 63832-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Amritpal Singh > Date: Fri, 2 Jun 2023 12:21:07 +0530 > > Compile emacs with the system's gzip program set to `pigz`. > Run emacs and then `M-x eww RET` > > Expected behavior: > Enter URL prompt in mini-buffer > > Actual behavior: > hashing failed '/usr/share/emacs/30.0.50/lisp/gnus/gnus.el.gz' > > Report: > The bug has been reproduced on emacs version 29.0.91 and HEAD which > seems to be at 30.0.50. > Later, a copy of the aforementioned file was saved somewhere else and > the program was uninstalled. Then emacs was recompiled with system's > gzip program set to GNU gzip and the initial steps were repeated and > the expected behavior was the result. > This lead to believing either that there's a bug with how zlib's > `inflate()` handles archives or emacs code was having an issue with > archives files. > > The hashes for gz archives generated with different programs were as follows > > md5sum gnus-gzip.el.gz > edb3d0ffba7f19ff1d4ec3f889609e8a gnus-gzip.el.gz > > md5sum gnus.el.gz > 985deaaec6a5845ac8d6bd9648957b50 gnus.el.gz > > And when uncompressing these archives, the resulting file was the same > and the hash for the files was the same (omitted for brevity). > > Now after logging some code in $EMACS_REPO/src/decompress.c, it was > learned that in the pigz specific case, `inflate()` was returning > Z_BUF_ERROR(-5) which is an indicator for zstream's either `avail_in` > or `avail_out` fields are 0. > > Observing the code in `$EMACS_REPO/src/decompress.c` > L154: > } while (!stream.avail_out); > only checks stream.avail_out and not stream.avail_in which also might > have been set to 0. A special case here can be constructed where > `avail_in` is 0, and the code keeps looping even though our input > buffer is empty and thus causing a Z_BUF_ERROR. Placing a simple check > for it fixes the bug in pigz's gz archives case and does not cause any > issue with gzip archives. > > A patch with a simple fix is attached below Thanks, installed on the master branch, and closing the bug. ------------=_1686217442-30150-5 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 2 Jun 2023 15:22:17 +0000 Received: from localhost ([127.0.0.1]:40655 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q56bV-0001Rs-WE for submit@debbugs.gnu.org; Fri, 02 Jun 2023 11:22:16 -0400 Received: from lists.gnu.org ([209.51.188.17]:49928) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1q52jz-0006Yz-Ec for submit@debbugs.gnu.org; Fri, 02 Jun 2023 07:14:44 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1q52jx-00062J-Nl for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 07:14:42 -0400 Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1q52jt-0007nu-LA for bug-gnu-emacs@gnu.org; Fri, 02 Jun 2023 07:14:39 -0400 Received: by mail-pf1-x432.google.com with SMTP id d2e1a72fcca58-64d18d772bdso2242734b3a.3 for ; Fri, 02 Jun 2023 04:14:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1685704475; x=1688296475; h=content-transfer-encoding:to:message-id:thread-topic:subject:from :date:mime-version:from:to:cc:subject:date:message-id:reply-to; bh=R9PJhj6aPfkS0N5v8uyTpTczn2Kl5rjm0RFrK4Tv5P0=; b=YCMG7x4aXRl8uwQsPM/67haQMSrP/xXAiMkhvs7IOTt5pW3735VOz96MCeVWovYNrB J88xPYfEghTc2Yeyt9zmh4r809U8nW5i4QLQGDaiMfU12cznpWLB28/pKVq16QaIQ818 ZkpDWPSE7j81aq+8JTAJPvEYUpj2+xuWNbPTK6gpmIXbal4kcms6Oa/xJlZiE0L8b7Ym fOF6OlhUTgdtftCsRo7Q5cr+ATQvwp/EkKjhwqeSCiXFsXV/gkRKL4vPZKdzqobvHTH0 Uq0UY6CTtNOlAaL4Y5K6nXd20teFY6ssgHMI9z3FcZzR+mnTS6TIgAeVXtYgEv9/00w0 MsiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1685704475; x=1688296475; h=content-transfer-encoding:to:message-id:thread-topic:subject:from :date:mime-version:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=R9PJhj6aPfkS0N5v8uyTpTczn2Kl5rjm0RFrK4Tv5P0=; b=FNOtSElWRmow0La9JWHQXeN6TU1jYfxLO2ivhFVJM+thHBRCKFyPJqzC2+wHBKtoWw DBHLih96Hr7yfmHINhtvKev79h80/GjO4mEoKikLvQDPwQ/bNrrFmpj+PPBbLKgy+EBm RVT4Ya5Xdh67RQTTqeo4v4/5dyj2BY74nvg7ucMSUiP54YRVyiM+jTP/FRg43n270+hY w+/h4Yy2FQ13VkDYsE+5kPJHohSdmBp1j92vHmgFa7DVyka9oOVPFUQBGk68QzWnQsGO rhoJ9SpVQDQoA0ZcBrKIofA8panZEOlQwsdsnigj9dBysM2ZalkVT0secnmf357JcvrH 59lg== X-Gm-Message-State: AC+VfDycr/eZfD0kWJO2nTX6ceWvCjcx0SukkriuCXLCQ7m0GJe1B67V 4ae/QjIpWKUzjYkIPv/4lzYK9jrOeyHlrg== X-Google-Smtp-Source: ACHHUZ5OdO102/QfLUUgpOZcADLrmFOjt2oTmhYmpU1185QkOq5A9kOaRwbQO3vCV2mkf28qWnTDdQ== X-Received: by 2002:a05:6a00:1745:b0:643:59cd:6cad with SMTP id j5-20020a056a00174500b0064359cd6cadmr15706389pfc.24.1685704474975; Fri, 02 Jun 2023 04:14:34 -0700 (PDT) Received: from CortexAuth ([49.42.35.87]) by smtp.gmail.com with ESMTPSA id l3-20020a62be03000000b0063afb08afeesm825360pff.67.2023.06.02.04.14.33 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 02 Jun 2023 04:14:34 -0700 (PDT) MIME-Version: 1.0 Date: Fri, 2 Jun 2023 16:44:25 +0530 From: cortexauth Subject: [PATCH] Incorrect usage of inflate() from zlib in decompress.c Thread-Topic: [PATCH] Incorrect usage of inflate() from zlib in decompress.c Message-ID: To: "bug-gnu-emacs@gnu.org" Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="utf-8" Received-SPF: pass client-ip=2607:f8b0:4864:20::432; envelope-from=deepak.takumi.120@gmail.com; helo=mail-pf1-x432.google.com X-Spam_score_int: -17 X-Spam_score: -1.8 X-Spam_bar: - X-Spam_report: (-1.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=no autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.0 (-) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Fri, 02 Jun 2023 11:22:12 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -2.0 (--)

Hey t= here,

 

Whi= le building Emacs one of my friends encountered a bug where entering certai= n commands such as `M-x eww RET`
After some digging in, we found this wa= s because of Z_BUF_ERROR arising in decompress.c:150

Per the docs (<= a href=3D"https://refspecs.linuxbase.org/LSB_3.0.0/LSB-Core-generic/LSB-Cor= e-generic/zlib-inflate-1.html">inflate (linuxbase.org)) this happens wh= en either of in or out buffer runs out and there is no further possible pro= gress

The code makes a wrong assumption that IF `stream.avail_out` i= s zero, we can keep on inflating. It=E2=80=99s possible for `stream.avail_i= n` and `stream.avail_out` to be both zero at the same time (I don=E2=80=99t= have a minimalistic test case for this yet, but I am sure that one can con= struct this with some thought)

Following is the patch for the fix
--
--- a/src/decompress.c

+++ b/= src/decompress.c

@@ -151,7 +151,7 @@ md5= _gz_stream (FILE *source, void *resblock)

=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 return -1;

 

=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 accumulate_and_process_md5 (out, MD5_BLOCKSIZE - stre= am.avail_out, &ctx);

-=C2=A0=C2=A0= =C2=A0 } while (stream.avail_in && !stream.avail_out);

+=C2=A0=C2=A0=C2=A0 } while (!stream.avail_out);

 

= =C2=A0=C2=A0 } while (res !=3D Z_STREAM_END);
--

This is also my = first time contributing so I might have made mistakes in making a good patc= h (one is obviously my incapability to quickly think of minimal test case),= so I will appreciate suggestions

=  

Thanks,

Deepak Sharma

= ------------=_1686217442-30150-5-- From debbugs-submit-bounces@debbugs.gnu.org Tue Aug 01 01:36:25 2023 Received: (at control) by debbugs.gnu.org; 1 Aug 2023 05:36:25 +0000 Received: from localhost ([127.0.0.1]:46964 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQi3V-0001Pk-Jn for submit@debbugs.gnu.org; Tue, 01 Aug 2023 01:36:25 -0400 Received: from dev.gentoo.org ([2001:470:ea4a:1:5054:ff:fec7:86e4]:51703 helo=smtp.gentoo.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQi3U-0001PW-Aj for control@debbugs.gnu.org; Tue, 01 Aug 2023 01:36:24 -0400 From: Ulrich Mueller To: control@debbugs.gnu.org Subject: unarchive 63832 Date: Tue, 01 Aug 2023 07:36:12 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) unarchive 63832 thank you From unknown Tue Aug 19 12:49:57 2025 X-Loop: help-debbugs@gnu.org Subject: bug#63832: fix failed inflation of .el.gz archives due to passing References: In-Reply-To: Resent-From: Ulrich Mueller Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 01 Aug 2023 05:42:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 63832 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch To: 63832@debbugs.gnu.org Received: via spool by 63832-submit@debbugs.gnu.org id=B63832.16908685215971 (code B ref 63832); Tue, 01 Aug 2023 05:42:02 +0000 Received: (at 63832) by debbugs.gnu.org; 1 Aug 2023 05:42:01 +0000 Received: from localhost ([127.0.0.1]:46969 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQi8v-0001YF-9p for submit@debbugs.gnu.org; Tue, 01 Aug 2023 01:42:01 -0400 Received: from woodpecker.gentoo.org ([140.211.166.183]:42534 helo=smtp.gentoo.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQi8t-0001Y0-Mh for 63832@debbugs.gnu.org; Tue, 01 Aug 2023 01:42:00 -0400 From: Ulrich Mueller Date: Tue, 01 Aug 2023 07:41:49 +0200 Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) I wonder if commit 46b6d175054e could be cherry-picked to the emacs-29 branch? The fix looks unintrusive. Users see the problem with Emacs 29.1 downstream, see Gentoo bug 911539: https://bugs.gentoo.org/911539 From unknown Tue Aug 19 12:49:57 2025 X-Loop: help-debbugs@gnu.org Subject: bug#63832: fix failed inflation of .el.gz archives due to passing Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 01 Aug 2023 11:13:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 63832 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch To: Ulrich Mueller Cc: 63832@debbugs.gnu.org Received: via spool by 63832-submit@debbugs.gnu.org id=B63832.169088832916352 (code B ref 63832); Tue, 01 Aug 2023 11:13:02 +0000 Received: (at 63832) by debbugs.gnu.org; 1 Aug 2023 11:12:09 +0000 Received: from localhost ([127.0.0.1]:47245 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQnIP-0004Fg-Ao for submit@debbugs.gnu.org; Tue, 01 Aug 2023 07:12:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58790) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qQnIM-0004FB-QI for 63832@debbugs.gnu.org; Tue, 01 Aug 2023 07:12:07 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qQnI7-0002bI-Br; Tue, 01 Aug 2023 07:12:00 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=References:Subject:In-Reply-To:To:From:Date: mime-version; bh=D0gUbl/JHN2VtDBVxMBGtYq5ajANKyaEXofSkbfo8uA=; b=CygCnkEafTHz SoXDf7XQnZstajKPVnGhCUTSAkOGWqFToPQrWigE+SMD426zxUzre7jyDfj7Wa/n4tP//9FqF9zuN ArH1lOBYPsG2CruAs89vWJ8pfQDnarGBKbREQ8eLTQsSkBesbWNv4It+5xu5UguQVKgYKQW1giwGa d1uPft6AzPwIQBhQxPDT1sHCsyB7R+GNHacessTvqTm3sWav6tj2t+jFSH1VhMQ0GTJi1/xzpP7Hh PfKaosm1DI8CL91qmlJ/odW+MSzGm0AKPB3k4DXo7bNG1i6Fro6Pg/A/M8jv7mr7oxmFpECemelNq FrE7oTcqNBHg82ufyTuBXg==; Received: from [87.69.77.57] (helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qQnI6-00080H-Rf; Tue, 01 Aug 2023 07:11:51 -0400 Date: Tue, 01 Aug 2023 14:11:54 +0300 Message-Id: <83tttj10g5.fsf@gnu.org> From: Eli Zaretskii In-Reply-To: (message from Ulrich Mueller on Tue, 01 Aug 2023 07:41:49 +0200) References: X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) > From: Ulrich Mueller > Date: Tue, 01 Aug 2023 07:41:49 +0200 > > I wonder if commit 46b6d175054e could be cherry-picked to the emacs-29 > branch? The fix looks unintrusive. That's fine by me, thanks.