sync with upstream

This adds a new public API, deflateUsed(), so is technically a minor bump.
Nothing will be using this anytime soon, so no shared library bump.

discussed with deraadt during c2k24

zlib: sync with upstream

More Windows #ifdef shuffling. Only one change relevant for OpenBSD:
Make deflateBound() more conservative and handle Z_STREAM_END.

libz: sync with upstream

- fix type of local variable in deflate_stored()
- more Windows compat shuffling
- wrap overlong line in gzread

Pull in some post 1.3.1 upstream commits

This is only cosmetic as far as OpenBSD is concerned.

Update to zlib 1.3.1

Since we already pulled in all fixes, this only bumps version/magic numbers
and copyright years. The fixes relevant to OpenBSD are:

- Fix bug in inflateSync() for data held in

Update to zlib 1.3.1

Since we already pulled in all fixes, this only bumps version/magic numbers
and copyright years. The fixes relevant to OpenBSD are:

- Fix bug in inflateSync() for data held in bit buffer
- Add LIT_MEM define to use more memory for a small deflate speedup
- Add bounds checking to ERR_MSG() macro, used by zError()
- Various portability and appearance improvements

show more ...

Sync with upstream as of Jan 20

No change of compiled code: the bug fix in check_match() affects ZLIB_DEBUG
builds only and the Z_ARG macro is unused.

libz: sync with upstream's develop branch as of Jan 18

libz sync with develop branch, discussed with deraadt

Apart from cosmetics, this includes the following commits:

Add LIT_MEM define to use more memory for a small deflate speedup.

A bug fix in zli

libz sync with develop branch, discussed with deraadt

Apart from cosmetics, this includes the following commits:

Add LIT_MEM define to use more memory for a small deflate speedup.

A bug fix in zlib 1.2.12 resulted in a slight slowdown (1-2%) of
deflate. This commit provides the option to #define LIT_MEM, which
uses more memory to reverse most of that slowdown. The memory for
the pending buffer and symbol buffers is increased by 25%, which
increases the total memory usage with the default parameters by
about 6%.

https://github.com/madler/zlib/commit/ac8f12c97d1afd9bafa9c710f827d40a407d3266

Fix bug in inflateSync() for data held in bit buffer.

https://github.com/madler/zlib/commit/5af7cef45eeef86ddf6ab00b4e363c1eecaf47b6

show more ...

Bump zlib version to 1.3

We have been pulling in all actual changes over the past months, so this
is only a version number bump. The relevant entries of the ChangeLog are:

* Building using K&R (p

Bump zlib version to 1.3

We have been pulling in all actual changes over the past months, so this
is only a version number bump. The relevant entries of the ChangeLog are:

* Building using K&R (pre-ANSI) function definitions is no longer supported.
* Fixed a bug in deflateBound() for level 0 and memLevel 9.
* Fixed a bug when gzungetc() is used immediately after gzopen().
* Fixed a bug when using gzflush() with a very small buffer.
* Fixed a crash when gzsetparams() is attempted for a transparent write.

ok deraadt miod millert

show more ...

Conditionally disable MSAN

from upstream

Update libz to the HEAD of the develop branch

This mostly moves from K&R prototypes to ANSI prototypes and includes a
handful of bug fixes that are nice to have. The corresponding sys commit
will al

Update libz to the HEAD of the develop branch

This mostly moves from K&R prototypes to ANSI prototypes and includes a
handful of bug fixes that are nice to have. The corresponding sys commit
will allow us to undo some hacks that jca applied to make the kernel build
with clang 15.

discussed with deraadt

show more ...

Drop RCS ids in upstream zlib source

We're not maintaining a this as a fork, it's upstream source with a handful
of patches. Thus, the RCS ids aren't particularly useful or important. They
are a bit

Drop RCS ids in upstream zlib source

We're not maintaining a this as a fork, it's upstream source with a handful
of patches. Thus, the RCS ids aren't particularly useful or important. They
are a bit of a maintenance burden and generate noise in diffs.

ok kn, no objection millert, "kill" guess who

show more ...

Update base libz to 1.2.13

This update contains a few bugfixes (some of which we have already
backported to 1.2.12) and a ton of cosmetic changes. The relevant
bits of the ChangeLog are:

- Repair p

Update base libz to 1.2.13

This update contains a few bugfixes (some of which we have already
backported to 1.2.12) and a ton of cosmetic changes. The relevant
bits of the ChangeLog are:

- Repair prototypes and exporting of new CRC functions
- Have infback() deliver all of the available output up to any error
- Fix a bug when getting a gzip header extra field with inflate()
- Fix bug in block type selection when Z_FIXED used
- Tighten deflateBound bounds
- Remove deleted assembler code references
- Various portability and appearance improvements

Tested on amd64 and arm64 by me and on sparc64 by kn.

show more ...

Update to zlib 1.2.12

Build tests by myself for amd64 and arm64, sthen and inoguchi for i386
and gkoehler for macppc and powerpc64, thanks!

Detailed changelog is part of the committed diff.

Improve error checking in deflatePrime()

This is a small follow-up commit to the previous commit.

ok mbuhl millert

commit 4346a16853e19b45787ce933666026903fb8f3f8
Author: Mark Adler <madler@alumni

Improve error checking in deflatePrime()

This is a small follow-up commit to the previous commit.

ok mbuhl millert

commit 4346a16853e19b45787ce933666026903fb8f3f8
Author: Mark Adler <madler@alumni.caltech.edu>
Date: Tue Apr 17 22:44:41 2018 -0700

Assure that the number of bits for deflatePrime() is valid.

https://github.com/madler/zlib/commit/4346a16853e19b45787ce933666026903fb8f3f8

show more ...

Fix memory corruption bug in zlib

zlib has a crashing bug. The bug fix has been sitting in the
unreleased develop branch for nearly four years. Pull in this fix.

ok mbuhl millert

Reported by Tavis

Fix memory corruption bug in zlib

zlib has a crashing bug. The bug fix has been sitting in the
unreleased develop branch for nearly four years. Pull in this fix.

ok mbuhl millert

Reported by Tavis Ormandy on oss-security:
https://marc.info/?l=oss-security&m=164809382107156&w=2

commit 5c44459c3b28a9bd3283aaceab7c615f8020c531
Author: Mark Adler <madler@alumni.caltech.edu>
Date: Tue Apr 17 22:09:22 2018 -0700

Fix a bug that can crash deflate on some input when using Z_FIXED.

This bug was reported by Danilo Ramos of Eideticom, Inc. It has
lain in wait 13 years before being found! The bug was introduced
in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
option forces the use of fixed Huffman codes. For rare inputs with
a large number of distant matches, the pending buffer into which
the compressed data is written can overwrite the distance symbol
table which it overlays. That results in corrupted output due to
invalid distances, and can result in out-of-bound accesses,
crashing the application.

The fix here combines the distance buffer and literal/length
buffers into a single symbol buffer. Now three bytes of pending
buffer space are opened up for each literal or length/distance
pair consumed, instead of the previous two bytes. This assures
that the pending buffer cannot overwrite the symbol table, since
the maximum fixed code compressed length/distance is 31 bits, and
since there are four bytes of pending space for every three bytes
of symbol space.

https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531

show more ...

Backport zlib fix for the multi line CLEAR_HASH macro. There is
an else branch where only half of the macro is executed conditionally.
Acording to upstream comment this has only little impact.
https

Backport zlib fix for the multi line CLEAR_HASH macro. There is
an else branch where only half of the macro is executed conditionally.
Acording to upstream comment this has only little impact.
https://github.com/madler/zlib/commit/38e8ce32afbaa82f67d992b9f3056f281fe69259
OK deraadt@ tb@

show more ...

Update libz to zlib 1.2.11 and reapply local patches as far as this
made sense.

Tested in snaps for a few days. deraadt helped with fitting things on
floppies and jmatthew found a bug I introduced.

Update libz to zlib 1.2.11 and reapply local patches as far as this
made sense.

Tested in snaps for a few days. deraadt helped with fitting things on
floppies and jmatthew found a bug I introduced.

ok deraadt

show more ...

rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(th

rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms

show more ...

Update to zlib 1.2.3; OK deraadt@

update to zlib-1.21 (we already have the CAN-2004-0797 security fixes)
"in it goes" deraadt@, in the near-total absence of feedback from others

update to zlib 1.2.1

ok millert@ deraadt@

set flag that we are restarting; pr 2886, also same diff found in netbsd;
how did this sit around so long??

duplicate words and spelling fixes in comments
ok miod@

Update to zlib-1.1.4