beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-25 17:10:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

LibCompress: Make the Zlib decompressor fail gracefuly

Browse source 
This commit adds a verify-less try_create method to the Zlib
decompressor to allow for graceful failures of parsing the
Zlib headers.
This commit is contained in:
Idan Horowitz 2021-03-15 17:03:42 +02:00 committed by Andreas Kling
parent a7b5a58509
commit f532421c9c
Notes: sideshowbarker 2024-07-18 21:19:31 +09:00 
Author: https://github.com/IdanHo
Commit: https://github.com/SerenityOS/serenity/commit/f532421c9c7
Pull-request: https://github.com/SerenityOS/serenity/pull/5803
Issue: https://github.com/SerenityOS/serenity/issues/5682
2 changed files with 33 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
Userland/Libraries/LibCompress/Zlib.cpp
View file

@ -24,7 +24,6 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
#include <AK/Assertions.h>
#include <AK/Span.h> #include <AK/Span.h>
#include <AK/Types.h> #include <AK/Types.h>
#include <AK/Vector.h> #include <AK/Vector.h>
@ -33,26 +32,38 @@
namespace Compress { namespace Compress {
Zlib::Zlib(ReadonlyBytes data) Optional<Zlib> Zlib::try_create(ReadonlyBytes data)
{ {
m_input_data = data; if (data.size() < 6)
return {}; // header + footer size is 6
Zlib zlib { data };
u8 compression_info = data.at(0); u8 compression_info = data.at(0);
u8 flags = data.at(1); u8 flags = data.at(1);
m_compression_method = compression_info & 0xF; zlib.m_compression_method = compression_info & 0xF;
m_compression_info = (compression_info >> 4) & 0xF; zlib.m_compression_info = (compression_info >> 4) & 0xF;
m_check_bits = flags & 0xF; zlib.m_check_bits = flags & 0xF;
m_has_dictionary = (flags >> 5) & 0x1; zlib.m_has_dictionary = (flags >> 5) & 0x1;
m_compression_level = (flags >> 6) & 0x3; zlib.m_compression_level = (flags >> 6) & 0x3;
m_checksum = 0;
VERIFY(m_compression_method == 8); if (zlib.m_compression_method != 8 || zlib.m_compression_info > 7)
VERIFY(m_compression_info == 7); return {}; // non-deflate compression
VERIFY(!m_has_dictionary);
VERIFY((compression_info * 256 + flags) % 31 == 0);
m_data_bytes = data.slice(2, data.size() - 2 - 4); if (zlib.m_has_dictionary)
return {}; // we dont support pre-defined dictionaries
if ((compression_info * 256 + flags) % 31 != 0)
return {}; // error correction code doesnt match
zlib.m_data_bytes = data.slice(2, data.size() - 2 - 4);
return zlib;
}
Zlib::Zlib(const ReadonlyBytes& data)
: m_input_data(data)
{
} }
Optional<ByteBuffer> Zlib::decompress() Optional<ByteBuffer> Zlib::decompress()
@ -62,8 +73,10 @@ Optional<ByteBuffer> Zlib::decompress()
Optional<ByteBuffer> Zlib::decompress_all(ReadonlyBytes bytes) Optional<ByteBuffer> Zlib::decompress_all(ReadonlyBytes bytes)
{ {
Zlib zlib { bytes }; auto zlib = try_create(bytes);
return zlib.decompress(); if (!zlib.has_value())
return {};
return zlib->decompress();
} }
u32 Zlib::checksum() u32 Zlib::checksum()

7
Userland/Libraries/LibCompress/Zlib.h
View file

@ -34,21 +34,22 @@ namespace Compress {
class Zlib { class Zlib {
public: public:
Zlib(ReadonlyBytes data);
Optional<ByteBuffer> decompress(); Optional<ByteBuffer> decompress();
u32 checksum(); u32 checksum();
static Optional<Zlib> try_create(ReadonlyBytes data);
static Optional<ByteBuffer> decompress_all(ReadonlyBytes); static Optional<ByteBuffer> decompress_all(ReadonlyBytes);
private: private:
Zlib(const ReadonlyBytes& data);
u8 m_compression_method; u8 m_compression_method;
u8 m_compression_info; u8 m_compression_info;
u8 m_check_bits; u8 m_check_bits;
u8 m_has_dictionary; u8 m_has_dictionary;
u8 m_compression_level; u8 m_compression_level;
u32 m_checksum; u32 m_checksum { 0 };
ReadonlyBytes m_input_data; ReadonlyBytes m_input_data;
ReadonlyBytes m_data_bytes; ReadonlyBytes m_data_bytes;
}; };