Bug #13616

Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file

Added by haines (Andrew Haines) over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.4.1p111 (2017-03-22 revision 58053) [x86_64-darwin16]
[ruby-core:81488]

Description

After calling #ungetbyte or #ungetc at the start of file, Zlib::GzipReader#pos should be negative. However, the calculation uses unsigned integers, and underflow occurs.

Instead of the expected -1, the below outputs 18446744073709551615 on my machine:

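require 'zlib'
require 'stringio'  # StringIO is not loaded by zlib itself

# gzip stream whose decompressed content is "12345abcde"
gz = Zlib::GzipReader.new(StringIO.new([
  31, 139, 8, 0, 44, 220, 209, 71, 0, 3, 51, 52, 50, 54, 49, 77,
  76, 74, 78, 73, 5, 0, 157, 5, 0, 36, 10, 0, 0, 0
].pack("C*")))

# push one byte ("!") back before anything has been read
gz.ungetbyte 0x21

p gz.pos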

#read still returns the correct string ("!12345abcde" in this case).
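
The arithmetic behind the report, as an added C model (not the code in ext/zlib/zlib.c and not the submitted patch). The struct and function names are hypothetical, and the model assumes the position is derived as bytes decompressed minus bytes still held in the read buffer.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical model, not ext/zlib/zlib.c: total_out counts bytes produced by
 * decompression; buffered counts bytes held in the read buffer and not yet
 * handed to the caller, including bytes pushed back by unget operations. */
struct reader_model {
    unsigned long total_out;
    unsigned long buffered;
};

/* Pushing a byte back grows the buffer without producing any output. */
static void model_ungetbyte(struct reader_model *r) { r->buffered++; }

/* Unsigned form: wraps to a huge value when buffered exceeds total_out. */
static unsigned long pos_unsigned(const struct reader_model *r)
{
    return r->total_out - r->buffered;
}

/* Signed form: compare first, then negate the magnitude. Assumes both
 * counters stay below LLONG_MAX, so the conversions cannot overflow. */
static long long pos_signed(const struct reader_model *r)
{
    if (r->total_out >= r->buffered)
        return (long long)(r->total_out - r->buffered);
    return -(long long)(r->buffered - r->total_out);
}

int main(void)
{
    struct reader_model r = {0, 0};   /* constructed state: start of file */
    model_ungetbyte(&r);              /* same step as gz.ungetbyte 0x21 */
    printf("unsigned: %lu\n", pos_unsigned(&r));
    printf("signed:   %lld\n", pos_signed(&r));
    return 0;
}
```

Where unsigned long is 64 bits wide, the wrapped value is 18446744073709551615, the number shown in the report.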


Associated revisions

Revision 7c9c2bc1
Added by naruse (Yui NARUSE) over 1 year ago

Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59333 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59333
Added by naruse (Yui NARUSE) over 1 year ago

Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]

Revision 59337
Added by nobu (Nobuyoshi Nakada) over 1 year ago

zlib.c: fix unnormalized Fixnum

  • ext/zlib/zlib.c (rb_gzfile_total_out): cast to long not to result in an unsigned long to normalized to Fixnum on LLP64 platforms. [ruby-core:81488]

Revision f4a8004e
Added by usa (Usaku NAKAMURA) over 1 year ago

merge revision(s) 59333,59337: [Backport #13616]

Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]
zlib.c: fix unnormalized Fixnum

* ext/zlib/zlib.c (rb_gzfile_total_out): cast to long not to
  result in an unsigned long to normalized to Fixnum on LLP64
  platforms.  [ruby-core:81488]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@59532 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59532
Added by usa (Usaku NAKAMURA) over 1 year ago

merge revision(s) 59333,59337: [Backport #13616]

Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]
zlib.c: fix unnormalized Fixnum

* ext/zlib/zlib.c (rb_gzfile_total_out): cast to long not to
  result in an unsigned long to normalized to Fixnum on LLP64
  platforms.  [ruby-core:81488]

Revision a935fe6f
Added by nagachika (Tomoyuki Chikanaga) over 1 year ago

merge revision(s) 58524,58525,58526,59333,59337: [Backport #13616]

zlib.c: zstream_expand_buffer_non_stream

* ext/zlib/zlib.c (zstream_expand_buffer_non_stream): rename from
  zstream_expand_buffer_without_gvl() and replace duplicate code
  in zstream_expand_buffer().
zlib.c: zstream_buffer_ungetbyte

* ext/zlib/zlib.c (zstream_buffer_ungetbyte): simplify by using
  zstream_buffer_ungets().
zlib.c: no buf_filled in zstream

* ext/zlib/zlib.c (zstream): manage capacity and size of `buf`
  instead of size and separated member `buf_filled`.  reported by
  Christian Jalio (jalio) at https://hackerone.com/reports/211958
Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]
zlib.c: fix unnormalized Fixnum

* ext/zlib/zlib.c (rb_gzfile_total_out): cast to long not to
  result in an unsigned long to normalized to Fixnum on LLP64
  platforms.  [ruby-core:81488]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@59807 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 59807
Added by nagachika (Tomoyuki Chikanaga) over 1 year ago

merge revision(s) 58524,58525,58526,59333,59337: [Backport #13616]

zlib.c: zstream_expand_buffer_non_stream

* ext/zlib/zlib.c (zstream_expand_buffer_non_stream): rename from
  zstream_expand_buffer_without_gvl() and replace duplicate code
  in zstream_expand_buffer().
zlib.c: zstream_buffer_ungetbyte

* ext/zlib/zlib.c (zstream_buffer_ungetbyte): simplify by using
  zstream_buffer_ungets().
zlib.c: no buf_filled in zstream

* ext/zlib/zlib.c (zstream): manage capacity and size of `buf`
  instead of size and separated member `buf_filled`.  reported by
  Christian Jalio (jalio) at https://hackerone.com/reports/211958
Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]
zlib.c: fix unnormalized Fixnum

* ext/zlib/zlib.c (rb_gzfile_total_out): cast to long not to
  result in an unsigned long to normalized to Fixnum on LLP64
  platforms.  [ruby-core:81488]

History

Updated by haines (Andrew Haines) over 1 year ago

Here's an attempt at a patch to check if pos will be negative and handle that scenario accordingly.

#2

Updated by naruse (Yui NARUSE) over 1 year ago

  • Status changed from Open to Closed

Applied in changeset trunk|r59333.


Zlib::GzipReader#pos underflows after calling #ungetbyte or #ungetc at start of file [Bug #13616]

patched by Andrew Haines <andrew@haines.org.nz> [ruby-core:81488]

#3

Updated by naruse (Yui NARUSE) over 1 year ago

  • Backport changed from 2.2: UNKNOWN, 2.3: UNKNOWN, 2.4: UNKNOWN to 2.2: REQUIRED, 2.3: REQUIRED, 2.4: REQUIRED

#4

Updated by usa (Usaku NAKAMURA) over 1 year ago

  • Backport changed from 2.2: REQUIRED, 2.3: REQUIRED, 2.4: REQUIRED to 2.2: REQUIRED, 2.3: DONE, 2.4: REQUIRED

ruby_2_3 r59532 merged revision(s) 59333,59337.

Updated by nagachika (Tomoyuki Chikanaga) over 1 year ago

  • Backport changed from 2.2: REQUIRED, 2.3: DONE, 2.4: REQUIRED to 2.2: REQUIRED, 2.3: DONE, 2.4: DONE

ruby_2_4 r59807 merged revision(s) 58524,58525,58526,59333,59337.
