virtualx-engine/thirdparty/minizip/patches/godot-seek.patch
Rémi Verschelde e1beca0232 zlib/minizip: Update to version 1.2.12
Security update, fixes CVE-2018-25032 in zlib.

Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.

(cherry picked from commit 420d0d50bc)
2022-04-13 11:43:49 +02:00

294 lines
10 KiB
Diff

diff --git a/thirdparty/minizip/ioapi.c b/thirdparty/minizip/ioapi.c
index d666e5a228..db4c33b4b9 100644
--- a/thirdparty/minizip/ioapi.c
+++ b/thirdparty/minizip/ioapi.c
@@ -80,8 +80,15 @@ void fill_zlib_filefunc64_32_def_from_filefunc32(zlib_filefunc64_32_def* p_filef
p_filefunc64_32->zfile_func64.opaque = p_filefunc32->opaque;
p_filefunc64_32->zseek32_file = p_filefunc32->zseek_file;
p_filefunc64_32->ztell32_file = p_filefunc32->ztell_file;
+ /* GODOT start */
+ p_filefunc64_32->zfile_func64.alloc_mem = p_filefunc32->alloc_mem;
+ p_filefunc64_32->zfile_func64.free_mem = p_filefunc32->free_mem;
+ /* GODOT end */
}
+/* GODOT start */
+/*
+// GODOT end
static voidpf ZCALLBACK fopen_file_func OF((voidpf opaque, const char* filename, int mode));
@@ -255,3 +262,6 @@ void fill_fopen64_filefunc (zlib_filefunc64_def* pzlib_filefunc_def)
pzlib_filefunc_def->zerror_file = ferror_file_func;
pzlib_filefunc_def->opaque = NULL;
}
+// GODOT start
+*/
+/* GODOT end */
diff --git a/thirdparty/minizip/ioapi.h b/thirdparty/minizip/ioapi.h
index 114bfab762..2f24a5b6a0 100644
--- a/thirdparty/minizip/ioapi.h
+++ b/thirdparty/minizip/ioapi.h
@@ -155,6 +155,10 @@ typedef struct zlib_filefunc_def_s
close_file_func zclose_file;
testerror_file_func zerror_file;
voidpf opaque;
+ /* GODOT start */
+ alloc_func alloc_mem;
+ free_func free_mem;
+ /* GODOT end */
} zlib_filefunc_def;
typedef ZPOS64_T (ZCALLBACK *tell64_file_func) OF((voidpf opaque, voidpf stream));
@@ -171,6 +175,10 @@ typedef struct zlib_filefunc64_def_s
close_file_func zclose_file;
testerror_file_func zerror_file;
voidpf opaque;
+ /* GODOT start */
+ alloc_func alloc_mem;
+ free_func free_mem;
+ /* GODOT end */
} zlib_filefunc64_def;
void fill_fopen64_filefunc OF((zlib_filefunc64_def* pzlib_filefunc_def));
diff --git a/thirdparty/minizip/unzip.c b/thirdparty/minizip/unzip.c
index 5e12e47474..3b191e827c 100644
--- a/thirdparty/minizip/unzip.c
+++ b/thirdparty/minizip/unzip.c
@@ -157,6 +157,9 @@ typedef struct
uLong compression_method; /* compression method (0==store) */
ZPOS64_T byte_before_the_zipfile;/* byte before the zipfile, (>0 for sfx)*/
int raw;
+ /* GODOT start */
+ int extra_size;
+ /* GODOT end */
} file_in_zip64_read_info_s;
@@ -606,9 +609,10 @@ local unzFile unzOpenInternal (const void *path,
us.z_filefunc.zseek32_file = NULL;
us.z_filefunc.ztell32_file = NULL;
if (pzlib_filefunc64_32_def==NULL)
- fill_fopen64_filefunc(&us.z_filefunc.zfile_func64);
- else
- us.z_filefunc = *pzlib_filefunc64_32_def;
+ /* GODOT start */
+ return NULL; // standard i/o not supported
+ us.z_filefunc = *pzlib_filefunc64_32_def;
+ /* GODOT end */
us.is64bitOpenFunction = is64bitOpenFunction;
@@ -800,6 +804,18 @@ extern unzFile ZEXPORT unzOpen64 (const void *path)
return unzOpenInternal(path, NULL, 1);
}
+/* GODOT start */
+extern void* unzGetOpaque(unzFile file) {
+
+ unz64_s* s;
+ if (file==NULL)
+ return NULL;
+ s=(unz64_s*)file;
+
+ return s->z_filefunc.zfile_func64.opaque;
+};
+/* GODOT end */
+
/*
Close a ZipFile opened with unzOpen.
If there is files inside the .Zip opened with unzOpenCurrentFile (see later),
@@ -1018,10 +1034,23 @@ local int unz64local_GetCurrentFileInfoInternal (unzFile file,
if (lSeek!=0)
{
+ /* GODOT start */
+ if (lSeek<0) {
+ // WORKAROUND for backwards seeking
+ ZPOS64_T pos = ZTELL64(s->z_filefunc, s->filestream);
+ if (ZSEEK64(s->z_filefunc, s->filestream,pos+(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_SET)==0)
+ lSeek=0;
+ else
+ err=UNZ_ERRNO;
+ } else {
+ /* GODOT end */
if (ZSEEK64(s->z_filefunc, s->filestream,(ZPOS64_T)lSeek,ZLIB_FILEFUNC_SEEK_CUR)==0)
lSeek=0;
else
err=UNZ_ERRNO;
+ /* GODOT start */
+ }
+ /* GODOT end */
}
while(acc < file_info.size_file_extra)
@@ -1575,8 +1604,10 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
}
else if ((s->cur_file_info.compression_method==Z_DEFLATED) && (!raw))
{
- pfile_in_zip_read_info->stream.zalloc = (alloc_func)0;
- pfile_in_zip_read_info->stream.zfree = (free_func)0;
+ /* GODOT start */
+ pfile_in_zip_read_info->stream.zalloc = s->z_filefunc.zfile_func64.alloc_mem;
+ pfile_in_zip_read_info->stream.zfree = s->z_filefunc.zfile_func64.free_mem;
+ /* GODOT end */
pfile_in_zip_read_info->stream.opaque = (voidpf)0;
pfile_in_zip_read_info->stream.next_in = 0;
pfile_in_zip_read_info->stream.avail_in = 0;
@@ -1608,6 +1639,9 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
iSizeVar;
pfile_in_zip_read_info->stream.avail_in = (uInt)0;
+ /* GODOT start */
+ pfile_in_zip_read_info->extra_size = iSizeVar;
+ /* GODOT end */
s->pfile_in_zip_read = pfile_in_zip_read_info;
s->encrypted = 0;
@@ -1638,6 +1672,85 @@ extern int ZEXPORT unzOpenCurrentFile3 (unzFile file, int* method,
return UNZ_OK;
}
+/* GODOT start */
+extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos) {
+
+ unz64_s* s;
+ file_in_zip64_read_info_s* pfile_in_zip_read_info;
+ if (file==NULL)
+ return UNZ_PARAMERROR;
+ s=(unz64_s*)file;
+ pfile_in_zip_read_info=s->pfile_in_zip_read;
+
+ if (pfile_in_zip_read_info==NULL)
+ return UNZ_PARAMERROR;
+
+ if (pfile_in_zip_read_info->compression_method==Z_BZIP2ED) { // don't know how to support bzip
+ return UNZ_INTERNALERROR;
+ }
+
+ if ((pfile_in_zip_read_info->compression_method==0) || (pfile_in_zip_read_info->raw)) {
+
+ pfile_in_zip_read_info->rest_read_compressed =
+ s->cur_file_info.compressed_size - pos;
+ pfile_in_zip_read_info->rest_read_uncompressed =
+ s->cur_file_info.uncompressed_size - pos;
+
+ pfile_in_zip_read_info->pos_in_zipfile =
+ s->cur_file_info_internal.offset_curfile + SIZEZIPLOCALHEADER +
+ pfile_in_zip_read_info->extra_size + pos;
+
+ pfile_in_zip_read_info->stream.avail_in = (uInt)0;
+ pfile_in_zip_read_info->stream.total_out = pos;
+
+ return ZSEEK64(pfile_in_zip_read_info->z_filefunc,
+ pfile_in_zip_read_info->filestream,
+ pfile_in_zip_read_info->byte_before_the_zipfile + pfile_in_zip_read_info->pos_in_zipfile,
+ ZLIB_FILEFUNC_SEEK_SET);
+
+ } else { // gzip
+
+ if (pos < pfile_in_zip_read_info->stream.total_out) { // negative seek, rewind
+
+ pfile_in_zip_read_info->rest_read_compressed =
+ s->cur_file_info.compressed_size ;
+ pfile_in_zip_read_info->rest_read_uncompressed =
+ s->cur_file_info.uncompressed_size ;
+
+ pfile_in_zip_read_info->pos_in_zipfile =
+ s->cur_file_info_internal.offset_curfile + SIZEZIPLOCALHEADER +
+ pfile_in_zip_read_info->extra_size;
+
+ (void)inflateReset(&pfile_in_zip_read_info->stream);
+
+ pfile_in_zip_read_info->stream.avail_in = (uInt)0;
+ pfile_in_zip_read_info->stream.total_out = 0;
+ pfile_in_zip_read_info->stream.next_in = 0;
+ }
+
+ // not sure where to read, so read on the stack
+ {
+ char buf[512];
+ int to_read = pos - pfile_in_zip_read_info->stream.total_out;
+ while (to_read) {
+
+ int len = to_read > sizeof(buf)?sizeof(buf):to_read;
+ int read = unzReadCurrentFile(file, buf, len);
+ if (read < 0) {
+ return read;
+ }
+ to_read -= read;
+ if (read == UNZ_EOF) {
+ return pos;
+ }
+ }
+ }
+ }
+
+ return pos;
+}
+/* GODOT end */
+
extern int ZEXPORT unzOpenCurrentFile (unzFile file)
{
return unzOpenCurrentFile3(file, NULL, NULL, 0, NULL);
diff --git a/thirdparty/minizip/unzip.h b/thirdparty/minizip/unzip.h
index 6f95e94d75..71a7d89692 100644
--- a/thirdparty/minizip/unzip.h
+++ b/thirdparty/minizip/unzip.h
@@ -202,6 +202,10 @@ extern int ZEXPORT unzClose OF((unzFile file));
these files MUST be closed with unzCloseCurrentFile before call unzClose.
return UNZ_OK if there is no problem. */
+/* GODOT start */
+extern void* unzGetOpaque(unzFile file);
+/* GODOT end */
+
extern int ZEXPORT unzGetGlobalInfo OF((unzFile file,
unz_global_info *pglobal_info));
@@ -390,6 +394,13 @@ extern int ZEXPORT unzReadCurrentFile OF((unzFile file,
(UNZ_ERRNO for IO error, or zLib error for uncompress error)
*/
+/* GODOT start */
+extern int ZEXPORT unzSeekCurrentFile(unzFile file, int pos);
+/*
+ Seek to position in uncompressed data
+*/
+/* GODOT end */
+
extern z_off_t ZEXPORT unztell OF((unzFile file));
extern ZPOS64_T ZEXPORT unztell64 OF((unzFile file));
diff --git a/thirdparty/minizip/zip.c b/thirdparty/minizip/zip.c
index 4e611e1163..6d1c26d9f8 100644
--- a/thirdparty/minizip/zip.c
+++ b/thirdparty/minizip/zip.c
@@ -854,9 +854,11 @@ extern zipFile ZEXPORT zipOpen3 (const void *pathname, int append, zipcharpc* gl
ziinit.z_filefunc.zseek32_file = NULL;
ziinit.z_filefunc.ztell32_file = NULL;
- if (pzlib_filefunc64_32_def==NULL)
- fill_fopen64_filefunc(&ziinit.z_filefunc.zfile_func64);
- else
+ /* GODOT start */
+ if (pzlib_filefunc64_32_def==NULL) {
+ //fill_fopen64_filefunc(&ziinit.z_filefunc.zfile_func64);
+ } else
+ /* GODOT end */
ziinit.z_filefunc = *pzlib_filefunc64_32_def;
ziinit.filestream = ZOPEN64(ziinit.z_filefunc,
@@ -1211,8 +1213,10 @@ extern int ZEXPORT zipOpenNewFileInZip4_64 (zipFile file, const char* filename,
{
if(zi->ci.method == Z_DEFLATED)
{
- zi->ci.stream.zalloc = (alloc_func)0;
- zi->ci.stream.zfree = (free_func)0;
+ /* GODOT start */
+ zi->ci.stream.zalloc = zi->z_filefunc.zfile_func64.alloc_mem;
+ zi->ci.stream.zfree = zi->z_filefunc.zfile_func64.free_mem;
+ /* GODOT end */
zi->ci.stream.opaque = (voidpf)0;
if (windowBits>0)