kc3-lang/zlib/contrib

contrib

Branch

Log

Author Commit Date CI Message
Mark Adler 51b7f2ab 2024-01-22T10:14:31 zlib 1.3.1
Mark Adler c06dfecb 2024-01-21T09:24:10 Use Makefile compiler for minizip-test target.
Dimitri Papadopoulos fe41d189 2023-08-06T13:56:45 Correct typos in source code.
Matt Wilson 14a5f8f2 2024-01-17T14:46:18 Neutralize zip file traversal attacks in miniunz. Archive formats such as .zip files are generally susceptible to so-called "traversal attacks". This allows an attacker to craft an archive that writes to unexpected locations of the file system (e.g., /etc/shadow) if an unspecting root user were to unpack a malicious archive. This patch neutralizes absolute paths such as /tmp/moo and deeply relative paths such as dummy/../../../../../../../../../../tmp/moo The Debian project requested CVE-2014-9485 be allocated for the first identified weakness. The fix was incomplete, resulting in a revised patch applied here. Since there wasn't an updated version released by Debian with the incomplete fix, I suggest we use this CVE to identify both issues. Link: https://security.snyk.io/research/zip-slip-vulnerability Link: https://bugs.debian.org/774321 Link: https://bugs.debian.org/776831 Link: https://nvd.nist.gov/vuln/detail/CVE-2014-9485 Reported-by: Jakub Wilk <jwilk@debian.org> Fixed-by: Michael Gilbert <mgilbert@debian.org>
THE-Spellchecker 01155ccc 2023-12-02T16:56:47 Fix random typos over several source and text files.
William Leara 190168cc 2023-12-11T11:47:43 Correct case of MSDOS in contrib/minizip/miniunz.c.
William Leara 762cf49e 2023-12-11T12:01:52 Refer to correct function in contrib/minizip/unzip.c comment.
Paul Ivanov 643e17b7 2023-11-14T16:23:02 Correct repeated words in source file comments and a readme.
Mark Adler 15c45adb 2023-11-07T15:46:41 Fix decision on the emission of Zip64 end records in minizip. The appnote says that if the number of entries in the end record is 0xffff, then the actual number of entries will be found in the Zip64 end record. Therefore if the number of entries is equal to 0xffff, it can't be in the end record by itself, since that is an instruction to get the number from the Zip64 end record. This code would just store 0xffff in the end record in that case, not making a Zip64 end record. This commit fixes that.
tbeu 88e50f17 2016-11-15T21:04:58 Update miniunz version.
Mark Adler 79a0e447 2023-08-19T23:17:29 Update version and date in contrib/nuget.
Mark Adler 8988e032 2023-08-19T17:13:12 Update version numbers and year in contrib/vstudio/vc17.
Mark Adler 7192d692 2023-08-19T17:07:35 Update vc directory in contrib/nuget.
Mark Adler 60bfe641 2023-08-19T12:13:00 Rename contrib/vstudio/vc143 to vc17. This makes it consistent with the other vstudio projects, which use the version number.
Hans Wennborg 73331a6a 2023-08-18T11:05:33 Reject overflows of zip header fields in minizip. This checks the lengths of the file name, extra field, and comment that would be put in the zip headers, and rejects them if they are too long. They are each limited to 65535 bytes in length by the zip format. This also avoids possible buffer overflows if the provided fields are too long.
AraHaan 4a47c1bf 2022-10-25T00:35:43 Add project and solution files for building a nuget package.
AraHaan d7de5971 2022-10-24T16:59:27 Add VS2022 project files. Also replaced Itanium with ARM and ARM64 configurations.
Mark Adler 4c5a81c2 2023-08-19T10:43:36 Remove carriage returns from contrib/vstudio/readme.txt.
Mark Adler 3a98b57e 2023-08-18T13:15:24 Change version number on develop branch to 1.3.0.1.
Mark Adler 09155eaa 2023-08-18T01:45:36 zlib 1.3
Mark Adler 25bbd7f5 2023-08-17T21:40:28 Avoid uninitialized and unused warnings in contrib/minizip.
Bastian Germann efc9c7b8 2022-11-14T15:26:14 Add license to contrib/untgz. A zlib license was agreed to by the authors.
Dimitri Papadopoulos 6951bc60 2023-08-06T14:51:29 Fix typos in contrib/ada.
Mark Adler 89ef46ba 2023-08-13T17:46:47 Remove redundant includes in minizip.
Mark Adler 384e50ee 2023-08-13T17:43:36 Remove TRYFREE macro from minizip.
Dimitri Papadopoulos c7ddcc2e 2023-02-02T15:50:00 Fix some spelling errors.
Eugene Golushkov be7aa115 2023-08-03T19:53:08 Read multiple bytes instead of byte-by-byte in minizip unzip.c. Use a single ZREAD64 call in the unz64local_getShort/Long/Long64 implementation, rather than read it byte by byte.
Gilles Vollant aa154e3d 2023-07-29T11:17:19 Support Haiku in minizip.
Xiang Xiao f679a939 2022-09-08T21:45:04 Correct dummy filetime() prototype in minizip.c. Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Mark Adler b3f23f7f 2023-07-29T23:58:11 Match sign of printf directive to sign of argument in testzlib.
Mark Adler dcd0d86b 2023-07-29T23:55:48 Match sign of printf directive to sign of argument in minizip.
Mark Adler 3061e501 2023-07-29T23:51:22 Fix logic error in minizip argument processing.
Dimitri Papadopoulos 379bbda3 2023-02-02T16:03:24 Fix typos found by codespell in minizip
Mark Adler e0bd0ad6 2023-07-29T23:34:26 Fix reading disk number start on zip64 files in minizip.
Gilles Vollant 7b28ecc8 2023-07-29T10:08:42 Remove duplicated code #806
RedworkDE f209ca7b 2023-02-15T12:25:33 minizip: Fix being unable to open empty zip file
Mark Adler 05527a1b 2023-04-17T14:08:55 Fix cast in minizip's ioapi.c for Windows.
Mark Adler 66588683 2023-04-15T11:27:12 Remove use of OF() from contrib/untgz and render it compilable.
Mark Adler bf2578be 2023-04-15T11:16:17 Remove K&R function definitions from contrib/minizip.
Mark Adler c4aa3567 2023-04-15T01:18:06 Remove K&R function definitions from infback9.
Mark Adler 41fda48f 2022-10-15T09:02:21 Change version number on develop branch to 1.2.13.1.
Mark Adler 04f42cec 2022-10-12T17:54:34 zlib 1.2.13
Mark Adler 40c5a9bc 2022-10-10T02:39:33 Find other BSD's without *64 functions in contrib/minizip/ioapi.h.
Mark Adler 2bb49619 2022-10-10T01:01:38 Avoid C89 warning in contrib/minizip/crypt.h.
Mark Adler e61ff990 2022-10-09T21:26:39 Comment out unused code in contrib/minizip/minizip.c.
Mark Adler 4572dfbe 2022-10-06T17:17:07 Remove some harmless semicolons in minizip.
Mark Adler 9b291c9f 2022-10-06T15:40:56 Fix incorrect cast in minizip's ioapi.c.
Mark Adler 2d283adf 2022-10-06T15:29:02 Fix c89 compatibility in minizip's ioapi.c. [gvollant]
Mark Adler 138c93cf 2022-10-06T15:49:04 Security and warning fixes for minizip. [gvollant] Remove unused code and unnecessary test for free().
Mark Adler d0704a82 2022-10-06T12:52:49 Remove deleted assembler code references. The code was removed, but the builds that used the code were not updated. This fixes that. Thanks to Adenilson and toxieainc for the patches.
Mark Adler 59b948ac 2022-08-28T13:13:17 Fix typo in contrib readme.
Mark Adler 5752b171 2022-08-22T13:13:06 Fix some typos. No code changes.
Mark Adler ce127737 2022-03-28T18:46:59 Fix compile with Windows 10 SDK. (gvollant)
Mark Adler a4c17581 2022-03-27T18:07:49 Change version number on develop branch to 1.2.12.1.
Mark Adler 21767c65 2022-03-27T15:47:03 zlib 1.2.12
Mark Adler 2014a993 2022-01-01T14:32:17 Clean up minizip to reduce warnings for testing. Also fix Makefile test target and permit added compile options.
Mark Adler 58ca4e57 2022-01-01T12:09:30 Fix unztell64() in minizip to work past 4GB. (Daniël Hörchner) The issue is that unztell64() does not return the correct value if the position in the current file (in the ZIP archive) is beyond 4 GB. The cause is that unzReadCurrentFile() does not account for pfile_in_zip_read_info->stream.total_out at line 1854 of unzip.c wrapping around (it is a 32-bit variable). So, on line 1860 uTotalOutAfter can be *less* than uTotalOutBefore, propagating the wraparound to uOutThis, which in turn is added to pfile_in_zip_read_info->total_out_64. That has the effect of subtracting 4 GB.
Mark Adler b135d46e 2021-12-31T17:22:37 minizip warning fix if MAXU32 already defined. (gvollant)
Mark Adler c3f3043f 2021-07-08T09:31:52 Fix indentation in minizip's zip.c.
Mark Adler 0530dbce 2021-02-10T15:03:22 Improve portability of contrib/minizip.
Mark Adler 506424c6 2021-01-17T21:50:08 Correct typo in blast.c.
Mark Adler 288f1080 2017-10-12T20:08:53 Remove old assembler code in which bugs have manifested. In addition, there is not sufficient gain from the inflate assembler code to warrant its inclusion.
Mark Adler 7d60b867 2017-01-15T22:46:03 Change version number to 1.2.11.1.
Mark Adler cacf7f1d 2017-01-15T09:18:46 zlib 1.2.11
Mark Adler c38a2603 2017-01-04T22:56:55 Delete user-specific Visual Studio project files.
Mark Adler 11ceaed7 2017-01-15T08:54:04 Change version number to 1.2.10.1.
Mark Adler 4a090ade 2017-01-02T17:53:59 zlib 1.2.10
Mark Adler 20e47254 2017-01-01T22:21:21 Change version number to zlib 1.2.9.1.
Mark Adler 6bdca506 2017-01-01T22:12:12 Fix some stray 1.2.8.1 version numbers.
Mark Adler 2fa463ba 2016-12-31T11:41:31 zlib 1.2.9
Mark Adler 14e3194e 2016-12-31T18:51:34 Update Visual Studio project files (AraHaan).
Mark Adler d6f0da2f 2016-12-30T17:20:44 Fix character encoding and link in contrib README.
Mark Adler 03614c56 2016-10-30T08:36:13 Fix some typos.
Mark Adler 70a8763b 2016-07-10T11:43:17 Fix typo in blast.c.
Mark Adler 799c87c0 2013-08-24T01:53:31 Improve contrib/blast to return unused bytes. Fix the test code to report the count of unused bytes at the end correctly. Add the ability to provide initial input to blast().
Mark Adler 89e335ab 2013-08-03T18:13:23 Fix contrib/minizip to permit unzipping with desktop API [Zouzou].
Mark Adler ceeb615f 2013-05-02T23:12:54 Change version number to 1.2.8.1.
Mark Adler 5b5da456 2013-04-28T17:21:50 Fix mixed line endings in contrib/vstudio.
Mark Adler b4d80282 2013-04-18T21:47:59 Clean up contrib/vstudio [Roß].
Mark Adler 5481269e 2013-04-14T10:05:43 Update contrib/minizip/iowin32.c for Windows RT [Vollant].
Mark Adler e8fee0ea 2013-04-13T21:38:26 Change version number to 1.2.8.
Mark Adler c7140720 2013-04-13T19:11:47 Fix version numbers and DLL names in contrib/vstudio/*/zlib.rc.
Mark Adler 388a285c 2013-04-13T18:58:46 Change version number to 1.2.7.3.
Mark Adler 8a93f49c 2013-04-13T08:08:57 Change version number to 1.2.7.2.
Enrico Weigelt, metux IT service 318a5e19 2010-07-06T20:06:08 Add man pages for minizip and miniunzip.
Mark Adler 0aac8cf7 2013-03-23T23:47:15 Clean up the addition of gzvprintf.
Mark Adler f0546c8e 2013-03-23T22:57:27 Clean up the addition of inflateGetDictionary.
Mark Adler dd5d0940 2013-03-22T17:38:37 Add vc11 and vc12 build files to contrib/vstudio.
Fredrik Orderud 79a7058b 2012-12-11T21:44:56 Simplify contrib/vstudio/vc10 with 'd' suffix.
takacsd 63ba7582 2012-11-30T19:43:50 Fix types in contrib/minizip to match result of get_crc_table().
Jason Williams 00dfee0b 2012-11-27T07:27:06 Fix casting error in contrib/testzlib/testzlib.c.
Greg Domjan b116fb58 2012-09-14T16:48:12 Add contrib/vstudio/vc10 pre-build step for static only. Also correct typo for 64-bit debug build.
Mark Adler 10056909 2013-01-21T10:15:51 Check for invalid code length codes in contrib/puff. Without this fix, it would be possible to construct inputs to puff that would cause it to segfault.
Mark Adler b6c5057c 2012-10-24T22:50:23 Fix comparisons of differently signed integers in contrib/blast.
Mark Adler b8522e02 2012-10-24T22:47:37 Add note to contrib/blast to use binary mode in stdio.
Mark Adler 62d6112a 2012-08-12T18:08:52 Clean up the usage of z_const and respect const usage within zlib. This patch allows zlib to compile cleanly with the -Wcast-qual gcc warning enabled, but only if ZLIB_CONST is defined, which adds const to next_in and msg in z_stream and in the in_func prototype. A --const option is added to ./configure which adds -DZLIB_CONST to the compile flags, and adds -Wcast-qual to the compile flags when ZLIBGCCWARN is set in the environment.
Mark Adler aef4174d 2012-07-08T16:48:36 Remove unused variable in infback9.c.
Birunthan Mohanathas f51cc49c 2012-06-06T20:30:39 Fix comment typos in unzip.h and unzip.c.
Mark Adler dca9e1d6 2012-05-26T10:37:17 Add inflateGetDictionary() function.
Mark Adler 2689b3cc 2012-05-02T22:38:26 Change version number to 1.2.7.1.
kmx.io     mail     discord kmxgit v0.4.0