From 688ec13c459602d475bccd3638a6802dc0a6ce23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 27 Jul 2016 12:39:27 +0200 Subject: zlib: Protect against non-empty port internal buffers. * guix/zlib.scm (make-gzip-input-port)[gzfile]: Error out if (drain-input port) returns a non-empty string. * guix/zlib.scm (make-gzip-output-port)[gzfile]: Call 'force-output'. --- guix/zlib.scm | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/guix/zlib.scm b/guix/zlib.scm index 40f5294ceb..74420129f6 100644 --- a/guix/zlib.scm +++ b/guix/zlib.scm @@ -168,9 +168,18 @@ closed even if closing GZFILE triggers an exception." "Return an input port that decompresses data read from PORT, a file port. PORT is automatically closed when the resulting port is closed. BUFFER-SIZE is the size in bytes of the internal buffer, 8 KiB by default; using a larger -buffer increases decompression speed." +buffer increases decompression speed. An error is thrown if PORT contains +buffered input, which would be lost (and is lost anyway)." (define gzfile - (gzdopen (fileno port) "r")) + (match (drain-input port) + ("" ;PORT's buffer is empty + (gzdopen (fileno port) "r")) + (_ + ;; This is unrecoverable but it's better than having the buffered input + ;; be lost, leading to unclear end-of-file or corrupt-data errors down + ;; the path. + (throw 'zlib-error 'make-gzip-input-port + "port contains buffered input" port)))) (define (read! bv start count) (gzread! gzfile bv start count)) @@ -189,8 +198,10 @@ buffer increases decompression speed." a file port, as its sink. PORT is automatically closed when the resulting port is closed." (define gzfile - (gzdopen (fileno port) - (string-append "w" (number->string level)))) + (begin + (force-output port) ;empty PORT's buffer + (gzdopen (fileno port) + (string-append "w" (number->string level))))) (define (write! bv start count) (gzwrite gzfile bv start count)) -- cgit v1.2.3