Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CP] Fix zlib inflation to ignore data past the ADLER32 trailer. #56526

Closed
brianquinlan opened this issue Aug 20, 2024 · 2 comments
Closed

[CP] Fix zlib inflation to ignore data past the ADLER32 trailer. #56526

brianquinlan opened this issue Aug 20, 2024 · 2 comments
Assignees
@vsmenon @itsjustkevin @mit-mit @athomas
Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. cherry-pick-approved Label for approved cherrypick request cherry-pick-review Issue that need cherry pick triage to approve triaged Issue has been triaged by sub team type-bug Incorrect behavior (everything from a crash to more subtle misbehavior)

Comments

@brianquinlan
Copy link
Contributor

Commit(s) to merge

https://dart-review.googlesource.com/c/sdk/+/380861

Target

stable

Prepared changelist for beta/stable

https://dart-review.googlesource.com/c/sdk/+/381389

Issue Description

Fixes a regression where ZLibDecoder would attempt to read data past the compressed data's trailer. This happens on all platforms. See #56481

What is the fix

The fix is to modify the ZLibDecoder to have two modes:

  1. one that stops decompression after the first compression block (this is the default and the behavior prior to Dart 3.5)
  2. one that decompresses concatenated decompression blocks (required for gzip decompression)

and to modify the gzip decompressor to use (2)

Why cherry-pick

The full impact of the ZLibDecoder regression is unknown. It broke at least one Flutter project: GitJournal/GitJournal#962

Risk

Low. The cherry pick reverts the default behavior of ZLibDecoder to what it was before Dart 3.5, while preserving the ability to decompress gzip files that was added in Dart 3.5.

Issue link(s)

#56481

Extra Info

No response
@brianquinlan brianquinlan added the cherry-pick-review Issue that need cherry pick triage to approve label Aug 20, 2024
@dart-github-bot
Copy link
Collaborator

Summary: The ZLibDecoder in Dart 3.5 incorrectly attempted to read data past the compressed data's trailer, causing a regression. This fix modifies the ZLibDecoder to have two modes, one that stops decompression after the first block and one that decompresses concatenated blocks, and uses the latter for gzip decompression.

@dart-github-bot dart-github-bot added area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. triage-automation See https://github.com/dart-lang/ecosystem/tree/main/pkgs/sdk_triage_bot. type-bug Incorrect behavior (everything from a crash to more subtle misbehavior) labels Aug 20, 2024
@a-siva
Copy link
Contributor

a-siva commented Aug 20, 2024

lgtm

@a-siva a-siva added triaged Issue has been triaged by sub team and removed triage-automation See https://github.com/dart-lang/ecosystem/tree/main/pkgs/sdk_triage_bot. labels Aug 21, 2024
@itsjustkevin itsjustkevin added the cherry-pick-approved Label for approved cherrypick request label Aug 22, 2024
copybara-service bot pushed a commit that referenced this issue Aug 26, 2024
@brianquinlan
[stable] Fix zlib inflation to ignore data past the ADLER32 trailer.
b9d83af 
Bug:#56481
Change-Id: I70ca61d9b1c9dd1720af240360f9cad751bf7013
Tested: zlib_test.dart
Cherry-pick: https://dart-review.googlesource.com/c/sdk/+/380861
Cherry-pick-request: #56526
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/381389
Reviewed-by: Siva Annamalai <asiva@google.com>
Commit-Queue: Brian Quinlan <bquinlan@google.com>
@athomas athomas closed this as completed Aug 29, 2024
@clach04 clach04 mentioned this issue Aug 31, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vsmenon vsmenon

@itsjustkevin itsjustkevin

@mit-mit mit-mit

@athomas athomas

Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. cherry-pick-approved Label for approved cherrypick request cherry-pick-review Issue that need cherry pick triage to approve triaged Issue has been triaged by sub team type-bug Incorrect behavior (everything from a crash to more subtle misbehavior)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@vsmenon @a-siva @brianquinlan @itsjustkevin @mit-mit @athomas @dart-github-bot