Hi,

I made a patch [1] for a bug I reported some time ago [2].

gzinflate() passes the Z_FINISH flag to inflate(). This flag may be used when 
the length of the decoded data is known, so that the data is decoded in one 
pass.
When gzinflate() does not know the decoded length, it grows the buffer and tries 
again while inflate() returns Z_BUF_ERROR. 

The problem is that Z_FINISH causes inflate() to also return Z_BUF_ERROR when 
the encoded data is truncated or corrupted, which may cause an infinite loop.

The patch removes the use of the Z_FINISH flag so that inflate() returns 
usable error codes. This also allows the decoding to continue where inflate 
stopped it when the buffer was not large enough for the decoded data.

I made two test cases [3], one I made when I reported the bug, and the other 
to test the case where the $length argument is too small, so that the 
function is almost entirely covered.

[1] http://arnaud.lb.s3.amazonaws.com/gzinflate-bug42663.patch
[2] http://bugs.php.net/bug.php?id=42663
[3] http://arnaud.lb.s3.amazonaws.com/gzinflate-phpt.tar.bz2

Regards,

Arnaud
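
Added example, not part of the original message and not the patch itself: a sketch of the loop shape the message describes, written against Python's zlib binding instead of PHP's C source. It resumes decoding where the previous call stopped and separates "output buffer too small" from "input truncated" and "input corrupted", so each case terminates. The names inflate_raw, classify, TruncatedStream and OutputTooLarge are hypothetical, and the sample data is constructed.

```python
import zlib

class TruncatedStream(Exception):
    """Input ended before the final deflate block was seen."""

class OutputTooLarge(Exception):
    """Decoded data exceeds the caller's max_length."""

def inflate_raw(data, max_length=0, chunk=4096):
    d = zlib.decompressobj(wbits=-15)   # raw deflate, no zlib/gzip header
    out = bytearray()
    pending = data
    while not d.eof:
        # Ask for one byte past the limit so an exact fit is not an error.
        step = chunk if max_length <= 0 else min(chunk, max_length + 1 - len(out))
        piece = d.decompress(pending, step)   # resumes where the last call stopped
        out += piece
        pending = d.unconsumed_tail
        if max_length > 0 and len(out) > max_length:
            raise OutputTooLarge(max_length)
        if not piece and not pending and not d.eof:
            # No output, no input left, stream not finished: more buffer
            # space can never help, so stop instead of retrying.
            raise TruncatedStream(len(out))
    return bytes(out)

def classify(data, max_length=0):
    """Map each outcome to a label; corrupted input surfaces as zlib.error."""
    try:
        inflate_raw(data, max_length)
        return "ok"
    except TruncatedStream:
        return "truncated"
    except OutputTooLarge:
        return "too-large"
    except zlib.error:
        return "corrupt"

# Constructed sample inputs.
PAYLOAD = b"".join(b"line %d of constructed sample\n" % i for i in range(5000))
_c = zlib.compressobj(wbits=-15)
COMPRESSED = _c.compress(PAYLOAD) + _c.flush()
TRUNCATED = COMPRESSED[: len(COMPRESSED) // 2]
CORRUPT = b"\x07\x00"   # first block uses the reserved block type (BTYPE=3)
```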
