1From 92537ee19784e0e545f06d89b7d89ab532a18cff Mon Sep 17 00:00:00 2001
2From: Hans Wennborg <hans@chromium.org>
3Date: Tue, 3 Nov 2020 15:54:09 +0100
4Subject: [PATCH] [zlib] Zero-initialize the window used for deflation
5
6Otherwise MSan complains about use-of-uninitialized values in the
7window.
8This happens in both regular deflate's longest_match and deflate_rle.
9
10Before crrev.com/822755 we used to suppress those reports, but it seems
11better to fix it properly. That will also allow us to catch other
12potential issues with MSan in these functions.
13
14The instances of this that we've seen only reproduce with
15fill_window_sse(), not with the regular fill_window() function. Since
16the former doesn't exist in upstream zlib, I'm not planning to send this
17patch upstream.
18
19Bug: 1137613, 1144420
20---
21 third_party/zlib/deflate.c | 3 +++
22 1 file changed, 3 insertions(+)
23
24diff --git a/third_party/zlib/deflate.c b/third_party/zlib/deflate.c
25index 8bf93e524875..fc7ae45905ff 100644
26--- a/third_party/zlib/deflate.c
27+++ b/third_party/zlib/deflate.c
28@@ -321,6 +321,9 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
29 s->window = (Bytef *) ZALLOC(strm,
30 s->w_size + window_padding,
31 2*sizeof(Byte));
32+ /* Avoid use of unitialized values in the window, see crbug.com/1137613 and
33+ * crbug.com/1144420 */
34+ zmemzero(s->window, (s->w_size + window_padding) * (2 * sizeof(Byte)));
35 s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos));
36 /* Avoid use of uninitialized value, see:
37 * https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11360
38--
392.29.1.341.ge80a0c044ae-goog
40
41
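Review bot: The added zmemzero() call writes through s->window before anything has checked that the preceding ZALLOC succeeded; ZALLOC can return Z_NULL, and zmemzero is presumably memset, so an allocation failure here becomes a null write instead of the Z_MEM_ERROR return that deflateInit2_ normally produces from its combined Z_NULL check after all the allocations (that check is outside the hunk, so confirm its placement). Guard the zeroing, `if (s->window != Z_NULL) zmemzero(s->window, (s->w_size + window_padding) * (2 * sizeof(Byte)));`, or move it below that combined check; the existing "Avoid use of uninitialized value" comment on the context lines suggests s->prev is zeroed the same unguarded way and would deserve the same treatment. The byte count repeats the ZALLOC arguments and can drift from them; a single local used by both the allocation and the zeroing would keep them in step. The new comment also misspells the word: `/* Avoid use of uninitialized values in the window, see crbug.com/1137613 and`. deflateInit2_ starts and ends outside the hunk.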