diff options
author | Sorah Fukumori <sorah@cookpad.com> | 2023-08-11 05:12:06 +0900 |
---|---|---|
committer | git <svn-admin@ruby-lang.org> | 2023-08-10 20:12:21 +0000 |
commit | d2864ca330f7cc7f879e737a817e1161bead65c3 (patch) | |
tree | 3dab3f7584482fff678d8cfb08a121d9ddb027c4 | |
parent | b5b34c1f84ffbc87004d4761621040e3ceb3542d (diff) |
[ruby/zlib] Zlib.gunzip should not fail with utf-8 strings
(https://github.com/ruby/zlib/pull/55)
zstream_discard_input was encoding and character-aware when given input is user-provided, so this discards `len` chars instead of `len` bytes.
Also Zlib.gunzip explains in its rdoc that it is equivalent with the following code, but this doesn't fail for UTF-8 String.
```ruby
string = %w[1f8b0800c28000000003cb48cdc9c9070086a6103605000000].pack("H*").force_encoding('UTF-8')
sio = StringIO.new(string)
p gz.read #=> "hello"
gz&.close
p Zlib.gunzip(string) #=> Zlib::DataError
```
Reported and discovered by eagletmt at https://twitter.com/eagletmt/status/1689692467929694209
https://github.com/ruby/zlib/commit/c5e58bc62a
-rw-r--r-- | ext/zlib/zlib.c | 2 | ||||
-rw-r--r-- | test/zlib/test_zlib.rb | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/ext/zlib/zlib.c b/ext/zlib/zlib.c index aefdba0ebd..ef6e8921ba 100644 --- a/ext/zlib/zlib.c +++ b/ext/zlib/zlib.c @@ -923,7 +923,7 @@ zstream_discard_input(struct zstream *z, long len) z->input = Qnil; } else { - z->input = rb_str_substr(z->input, len, + z->input = rb_str_subseq(z->input, len, RSTRING_LEN(z->input) - len); } } diff --git a/test/zlib/test_zlib.rb b/test/zlib/test_zlib.rb index ccb8b3834e..464141f7d4 100644 --- a/test/zlib/test_zlib.rb +++ b/test/zlib/test_zlib.rb @@ -1457,6 +1457,13 @@ if defined? Zlib assert_raise(Zlib::GzipFile::Error){ Zlib.gunzip(src) } end + # Zlib.gunzip input is always considered a binary string, regardless of its String#encoding. + def test_gunzip_encoding + # vvvvvvvv = mtime, but valid UTF-8 string of U+0080 + src = %w[1f8b0800c28000000003cb48cdc9c9070086a6103605000000].pack("H*").force_encoding('UTF-8') + assert_equal 'hello', Zlib.gunzip(src.freeze) + end + def test_gunzip_no_memory_leak assert_no_memory_leak(%[-rzlib], "#{<<~"{#"}", "#{<<~'};'}") d = Zlib.gzip("data") |