deps: update zlib to 1.3.1-470d3a2

PR-URL: #58628 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

Author: nodejs-github-bot

deps/zlib/BUILD.gn

@@ -173,25 +173,31 @@ if (use_arm_neon_optimizations) {
  }
 }
 
-config("zlib_inflate_chunk_simd_config") {
+config("zlib_data_chunk_simd_config") {
  if (use_x86_x64_optimizations) {
  defines = [ "INFLATE_CHUNK_SIMD_SSE2" ]
 
  if (current_cpu == "x64") {
- defines += [ "INFLATE_CHUNK_READ_64LE" ]
+ defines += [
+ "INFLATE_CHUNK_READ_64LE",
+ "DEFLATE_CHUNK_WRITE_64LE",
+ ]
  }
  }
 
  if (use_arm_neon_optimizations) {
  defines = [ "INFLATE_CHUNK_SIMD_NEON" ]
 
  if (current_cpu == "arm64") {
- defines += [ "INFLATE_CHUNK_READ_64LE" ]
+ defines += [
+ "INFLATE_CHUNK_READ_64LE",
+ "DEFLATE_CHUNK_WRITE_64LE",
+ ]
  }
  }
 }
 
-source_set("zlib_inflate_chunk_simd") {
+source_set("zlib_data_chunk_simd") {
  visibility = [ ":*" ]
 
  if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
@@ -213,7 +219,7 @@ source_set("zlib_inflate_chunk_simd") {
  configs += [ "//build/config/compiler:no_chromium_code" ]
  configs += [ ":zlib_warnings" ]
 
- public_configs = [ ":zlib_inflate_chunk_simd_config" ]
+ public_configs = [ ":zlib_data_chunk_simd_config" ]
 
  public_deps = [ ":zlib_common_headers" ]
 }
@@ -336,7 +342,7 @@ component("zlib") {
  if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
  deps += [
  ":zlib_adler32_simd",
- ":zlib_inflate_chunk_simd",
+ ":zlib_data_chunk_simd",
  ":zlib_slide_hash_simd",
  ]
 

deps/zlib/CMakeLists.txt

@@ -3,7 +3,7 @@ set(CMAKE_ALLOW_LOOSE_LOOP_CONSTRUCTS ON)
 
 project(zlib C)
 
-set(VERSION "1.3.0.1")
+set(VERSION "1.3.1")
 
 set(INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Installation directory for executables")
 set(INSTALL_LIB_DIR "${CMAKE_INSTALL_PREFIX}/lib" CACHE PATH "Installation directory for libraries")
@@ -47,6 +47,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
  add_definitions(-DINFLATE_CHUNK_SIMD_SSE2)
  add_definitions(-DADLER32_SIMD_SSSE3)
  add_definitions(-DINFLATE_CHUNK_READ_64LE)
+ add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
  add_definitions(-DCRC32_SIMD_SSE42_PCLMUL)
  if (ENABLE_SIMD_AVX512)
  add_definitions(-DCRC32_SIMD_AVX512_PCLMUL)
@@ -64,6 +65,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
  add_definitions(-DINFLATE_CHUNK_SIMD_NEON)
  add_definitions(-DADLER32_SIMD_NEON)
  add_definitions(-DINFLATE_CHUNK_READ_64LE)
+ add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
  add_definitions(-DCRC32_ARMV8_CRC32)
  add_definitions(-DDEFLATE_SLIDE_HASH_NEON)
  # Required by CPU features detection code.
@@ -83,10 +85,13 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
  add_definitions(-DDEFLATE_SLIDE_HASH_RVV)
  add_definitions(-DADLER32_SIMD_RVV)
 
- # TODO(cavalcantii): add remaining flags as we port optimizations to RVV.
  # chunk_copy is required for READ64 and unconditional decode of literals.
  add_definitions(-DINFLATE_CHUNK_GENERIC)
  add_definitions(-DINFLATE_CHUNK_READ_64LE)
+ add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
+
+ # TODO(cavalcantii): only missing optimization is SLIDE_HASH, got port it
+ # to RISCV.
 
  # Tested with clang-17, unaligned loads are required by read64 & chunk_copy.
  # TODO(cavalcantii): replace internal clang flags for -munaligned-access
@@ -267,7 +272,9 @@ if(MINGW)
 endif(MINGW)
 
 add_library(zlib SHARED ${ZLIB_SRCS} ${ZLIB_DLL_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlib PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 add_library(zlibstatic STATIC ${ZLIB_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlibstatic PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 set_target_properties(zlib PROPERTIES DEFINE_SYMBOL ZLIB_DLL)
 set_target_properties(zlib PROPERTIES SOVERSION 1)
 

deps/zlib/OWNERS

@@ -1,4 +1,3 @@
-agl@chromium.org
 cavalcantii@chromium.org
-cblume@chromium.org
-scroggo@google.com
+hans@chromium.org
+agl@chromium.org #{LAST_RESORT_SUGGESTION}

deps/zlib/README.chromium

@@ -1,9 +1,9 @@
 Name: zlib
 Short Name: zlib
 URL: http://zlib.net/
-Version: 1.3.0.1
-Revision: ac8f12c97d1afd9bafa9c710f827d40a407d3266
-CPEPrefix: cpe:/a:zlib:zlib:1.3.0.1
+Version: 1.3.1
+Revision: 51b7f2abdade71cd9bb0e7a373ef2610ec6f9daf
+CPEPrefix: cpe:/a:zlib:zlib:1.3.1
 Security Critical: yes
 Shipped: yes
 License: Zlib
@@ -21,14 +21,17 @@ also implements the zlib (RFC 1950) and gzip (RFC 1952) wrapper formats.
 Local Modifications:
  - Only source code from the zlib distribution used to build the zlib and
  minizip libraries are present. Many other files have been omitted. Only *.c
- and *.h files from the upstream root directory and contrib/minizip were
- imported.
+ and *.h files from the upstream root directory, contrib/minizip and
+ examples/zpipe.c were imported.
+ - The files named '*simd*' are original x86/Arm/RISC-V specific optimizations.
  - The contents of the google directory are original Chromium-specific
  additions.
+ - The contents of the 'contrib' of directory are either Chromium-specific
+ additions or heavily patched zlib files (e.g. inffast_chunk*).
  - Added chromeconf.h
  - Plus the changes in 'patches' folder.
  - Code in contrib/ other than contrib/minizip was added to match zlib's
  contributor layout.
- - In sync with 1.2.13 official release
+ - In sync with 1.3.1 official release
  - ZIP reader modified to allow for progress callbacks during extraction.
  - ZIP reader modified to add detection of AES encrypted content.

deps/zlib/contrib/minizip/README.chromium

@@ -34,3 +34,8 @@ Local Modifications:
  https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT section 4.6.9.
  (see crrev.com/1002476)
  0016-minizip-parse-unicode-path-extra-field.patch
+
+- Added support for zip64 archives that have extra bytes on front (for example,
+ large CRX files).
+ 0018-support-prefixed-zip64.patch
+

deps/zlib/contrib/minizip/unzip.c

@@ -482,6 +482,46 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
  if (uL != 1)
  return CENTRALDIRINVALID;
 
+ /* If bytes are pre-pended to the archive, relativeOffset must be advanced
+ by that many bytes. The central dir must exist between the specified
+ relativeOffset and uPosFound. */
+ if (relativeOffset > uPosFound)
+ return CENTRALDIRINVALID;
+ const int BUFSIZE = 1024 * 4;
+ buf = (unsigned char*)ALLOC(BUFSIZE);
+ if (buf==NULL)
+ return CENTRALDIRINVALID;
+ // Zip64 EOCDR is at least 48 bytes long.
+ while (uPosFound - relativeOffset >= 48) {
+ int found = 0;
+ uLong uReadSize = uPosFound - relativeOffset;
+ if (uReadSize > BUFSIZE) {
+ uReadSize = BUFSIZE;
+ }
+ if (ZSEEK64(*pzlib_filefunc_def, filestream, relativeOffset, ZLIB_FILEFUNC_SEEK_SET) != 0) {
+ break;
+ }
+ if (ZREAD64(*pzlib_filefunc_def, filestream, buf, uReadSize) != uReadSize) {
+ break;
+ }
+ for (int i = 0; i < uReadSize - 3; ++i) {
+ // Looking for 0x06064b50, the Zip64 EOCDR signature.
+ if (buf[i] == 0x50 && buf[i + 1] == 0x4b &&
+ buf[i + 2] == 0x06 && buf[i + 3] == 0x06)
+ {
+ relativeOffset += i;
+ found = 1;
+ break;
+ }
+ }
+ if (found) {
+ break;
+ }
+ // Re-read the last 3 bytes, in case they're the front of the signature.
+ relativeOffset += uReadSize - 3;
+ }
+ free(buf);
+
  /* Goto end of central directory record */
  if (ZSEEK64(*pzlib_filefunc_def,filestream, relativeOffset,ZLIB_FILEFUNC_SEEK_SET)!=0)
  return CENTRALDIRINVALID;
@@ -1005,6 +1045,8 @@ local int unz64local_GetCurrentFileInfoInternal(unzFile file,
  {
  uLong uSizeRead;
 
+ file_info.size_filename = fileNameSize;
+
  if (fileNameSize < fileNameBufferSize)
  {
  *(szFileName + fileNameSize) = '\0';

deps/zlib/contrib/tests/fuzzers/BUILD.gn

@@ -43,3 +43,9 @@ fuzzer_test("zlib_deflate_fuzzer") {
  sources = [ "deflate_fuzzer.cc" ]
  deps = [ "../../../:zlib" ]
 }
+
+fuzzer_test("minizip_unzip_fuzzer") {
+ sources = [ "minizip_unzip_fuzzer.cc" ]
+ deps = [ "../../../:minizip" ]
+ include_dirs = [ "//third_party/zlib/contrib/minizip" ]
+}

deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc

@@ -0,0 +1,119 @@
+// Copyright 2025 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <algorithm>
+#include <cstdint>
+#include <cstring>
+#include <vector>
+
+#include "unzip.h"
+
+// Fuzzer builds often have NDEBUG set, so roll our own assert macro.
+#define ASSERT(cond) \
+ do { \
+ if (!(cond)) { \
+ fprintf(stderr, "%s:%d Assert failed: %s\n", __FILE__, __LINE__, #cond); \
+ exit(1); \
+ } \
+ } while (0)
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+ // Mock read-only filesystem with only one file, file_data. In the calls
+ // below, 'opaque' points to file_data, and 'strm' points to the file's seek
+ // position, which is heap allocated so that failing to "close" it triggers a
+ // leak error.
+ std::vector<uint8_t> file_data(data, data + size);
+ zlib_filefunc64_def file_func = {
+ .zopen64_file = [](void* opaque, const void* filename,
+ int mode) -> void* {
+ ASSERT(mode == (ZLIB_FILEFUNC_MODE_READ | ZLIB_FILEFUNC_MODE_EXISTING));
+ return new size_t(0);
+ },
+ .zread_file = [](void* opaque, void* strm, void* buf,
+ uLong size) -> uLong {
+ std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+ size_t* pos = static_cast<size_t*>(strm);
+ if (*pos >= vec->size()) {
+ return 0;
+ }
+ size = std::min(static_cast<size_t>(size), vec->size() - *pos);
+ memcpy(buf, vec->data() + *pos, size);
+ (*pos) += size;
+ return size;
+ },
+ .zwrite_file = [](void*, void*, const void*, uLong) -> uLong {
+ ASSERT(0 && "Writing is not supported.");
+ return 0;
+ },
+ .ztell64_file = [](void*, void* strm) -> ZPOS64_T {
+ return *static_cast<size_t*>(strm);
+ },
+ .zseek64_file = [](void* opaque, void* strm, ZPOS64_T offset,
+ int origin) -> long {
+ std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+ size_t* pos = static_cast<size_t*>(strm);
+ switch (origin) {
+ case ZLIB_FILEFUNC_SEEK_SET:
+ *pos = offset;
+ break;
+ case ZLIB_FILEFUNC_SEEK_CUR:
+ *pos = *pos + offset;
+ break;
+ case ZLIB_FILEFUNC_SEEK_END:
+ *pos = vec->size() + offset;
+ break;
+ default:
+ ASSERT(0 && "Invalid origin");
+ }
+ return 0;
+ },
+ .zclose_file = [](void*, void* strm) -> int {
+ delete static_cast<size_t*>(strm);
+ return 0;
+ },
+ .zerror_file = [](void*, void*) -> int { return 0; },
+ .opaque = &file_data};
+
+ unzFile uzf = unzOpen2_64("foo.zip", &file_func);
+ if (uzf == NULL) {
+ return 0;
+ }
+
+ while (true) {
+ unz_file_info64 info = {0};
+
+ // TODO: Pass nullptrs and different buffer sizes to cover more code.
+ char filename[UINT16_MAX + 1]; // +1 for the null terminator.
+ char extra[UINT16_MAX]; // No null terminator.
+ char comment[UINT16_MAX + 1]; // +1 for the null terminator.
+
+ if (unzGetCurrentFileInfo64(uzf, &info, filename, sizeof(filename), extra,
+ sizeof(extra), comment, sizeof(comment)) == UNZ_OK) {
+ ASSERT(info.size_filename <= UINT16_MAX);
+ ASSERT(info.size_file_extra <= UINT16_MAX);
+ ASSERT(info.size_file_comment <= UINT16_MAX);
+
+ ASSERT(filename[info.size_filename] == '\0');
+ ASSERT(comment[info.size_file_comment] == '\0');
+ }
+
+ if (unzOpenCurrentFile(uzf) == UNZ_OK) {
+ while (true) {
+ char buffer[4096];
+ int num_read = unzReadCurrentFile(uzf, buffer, sizeof(buffer));
+ if (num_read <= 0) {
+ break;
+ }
+ }
+ unzCloseCurrentFile(uzf);
+ }
+
+ if (unzGoToNextFile(uzf) != UNZ_OK) {
+ break;
+ }
+ }
+
+ unzClose(uzf);
+ return 0;
+}