Fix important bugs in redbean

This change upgrades to the latest Chromium Zlib, fixes bugs in redbean, and introduces better support for reverse proxies like Cloudflare. This change improves the security of redbean and it's recommended that users upgrade to the release that'll follow. This change also updates the docs to clarify how to use the security tools redbean provides e.g. pledge(), unveil(), and the MODE=asan builds which improve memory safety.
2025-05-24 06:12:27 +00:00 · 2022-09-17 01:37:33 -07:00 · 2022-09-17 01:37:33 -07:00 · 775944a2d0
commit 775944a2d0
parent 994e1f4386
42 changed files with 8148 additions and 7298 deletions
--- a/third_party/zlib/inftrees.internal.h
+++ b/third_party/zlib/inftrees.internal.h
@ -1,29 +1,21 @@
-#ifndef COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_H_
-#define COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_H_
+#ifndef COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_INTERNAL_H_
+#define COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_INTERNAL_H_
+#include "third_party/zlib/macros.internal.h"
+#include "third_party/zlib/zutil.internal.h"
+#if !(__ASSEMBLER__ + __LINKER__ + 0)
+COSMOPOLITAN_C_START_
+/* clang-format off */
+
+/* inftrees.h -- header to use inftrees.c
+ * Copyright (C) 1995-2005, 2010 Mark Adler
+ * For conditions of distribution and use, see copyright notice in zlib.h
+ */

 /* WARNING: this file should *not* be used by applications. It is
   part of the implementation of the compression library and is
   subject to change. Applications should only use zlib.h.
 */

-/* Maximum size of the dynamic table.  The maximum number of code structures is
-   1444, which is the sum of 852 for literal/length codes and 592 for distance
-   codes.  These values were found by exhaustive searches using the program
-   examples/enough.c found in the zlib distribtution.  The arguments to that
-   program are the number of symbols, the initial root table size, and the
-   maximum bit length of a code.  "enough 286 9 15" for literal/length codes
-   returns returns 852, and "enough 30 6 15" for distance codes returns 592.
-   The initial root table size (9 or 6) is found in the fifth argument of the
-   inflate_table() calls in inflate.c and infback.c.  If the root table size is
-   changed, then these maximum sizes would be need to be recalculated and
-   updated. */
-#define ENOUGH_LENS 852
-#define ENOUGH_DISTS 592
-#define ENOUGH (ENOUGH_LENS + ENOUGH_DISTS)
-
-#if !(__ASSEMBLER__ + __LINKER__ + 0)
-COSMOPOLITAN_C_START_
-
 /* Structure for decoding tables.  Each entry provides either the
   information needed to do the operation requested by the code that
   indexed that table entry, or it provides a pointer to another
@ -37,14 +29,11 @@ COSMOPOLITAN_C_START_
   of the bit buffer.  val is the actual byte to output in the case
   of a literal, the base length or distance, or the offset from
   the current table to the next table.  Each entry is four bytes. */
-struct zcode {
-  unsigned char op;   /* operation, extra bits, table bits */
-  unsigned char bits; /* bits in this part of the code */
-  unsigned short val; /* offset in table or code value */
-};
-
-extern const struct zcode kZlibLenfix[512] hidden;
-extern const struct zcode kZlibDistfix[32] hidden;
+typedef struct {
+    unsigned char op;           /* operation, extra bits, table bits */
+    unsigned char bits;         /* bits in this part of the code */
+    unsigned short val;         /* offset in table or code value */
+} code;

 /* op values as set by inflate_table():
    00000000 - literal
@ -54,13 +43,32 @@ extern const struct zcode kZlibDistfix[32] hidden;
    01000000 - invalid code
 */

-/* Type of code to build for inflate_table() */
-typedef enum { CODES, LENS, DISTS } zcodetype;
+/* Maximum size of the dynamic table.  The maximum number of code structures is
+   1924, which is the sum of 1332 for literal/length codes and 592 for distance
+   codes.  These values were found by exhaustive searches using the program
+   examples/enough.c found in the zlib distribution.  The arguments to that
+   program are the number of symbols, the initial root table size, and the
+   maximum bit length of a code.  "enough 286 10 15" for literal/length codes
+   returns returns 1332, and "enough 30 9 15" for distance codes returns 592.
+   The initial root table size (10 or 9) is found in the fifth argument of the
+   inflate_table() calls in inflate.c and infback.c.  If the root table size is
+   changed, then these maximum sizes would be need to be recalculated and
+   updated. */
+#define ENOUGH_LENS 1332
+#define ENOUGH_DISTS 592
+#define ENOUGH (ENOUGH_LENS+ENOUGH_DISTS)

-int inflate_table(zcodetype type, unsigned short *lens, unsigned codes,
-                  struct zcode **table, unsigned *bits,
-                  unsigned short *work) hidden;
+/* Type of code to build for inflate_table() */
+typedef enum {
+    CODES,
+    LENS,
+    DISTS
+} codetype;
+
+int ZLIB_INTERNAL inflate_table OF((codetype type, unsigned short FAR *lens,
+                             unsigned codes, code FAR * FAR *table,
+                             unsigned FAR *bits, unsigned short FAR *work));

 COSMOPOLITAN_C_END_
 #endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
-#endif /* COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_H_ */
+#endif /* COSMOPOLITAN_THIRD_PARTY_ZLIB_INFTREES_INTERNAL_H_ */