-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix GzDecoder Write partial filenames and comments #323
Conversation
336558b
to
31c42a4
Compare
After fixing the bug, it took a few iterations to get the size of |
31c42a4
to
66dab99
Compare
If the gzip header contains an optional filename or comment but they are not completely contained in the buffer sent to a `write::GzDecoder`, then a valid header is created, missing data from these optional sections. A subsequent write call will treat the remaining header as encoded data and attempt to decode it, generally causing a panic. This change rewrites the header parsing code to handle partial headers correctly for both `Read` (where `WouldBlock` is handled specially) and `Write` (where `UnexpectedEof` is handled specially).
66dab99
to
3ea8c3d
Compare
Let's run it once more with fuzzing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks so much for this awesome PR!
Fixing correctness issues is incredibly valuable, especially if they are this subtle! Overall, I feel that the changed implementation is more maintainable as well.
I had a mere hunch that maybe the new GzHeaderState
is causing a degradation of performance as it has a larger footprint, but I didn't have a way to validate that and would choose correctness over performance any day (if there is degradation in the first place). This comment also indicates that the opposite might effectively be the case, but maybe it's comparing apples to oranges.
I'd also like to add that I ran the two new tests in main
and they failed as expected, whereas everything (still) works in this PR.
Since this PR has never received any comment before its creation in late 2022, nor after its update in May, I am willing to take a leap and merge it on what appears to by my judgement alone. I also hope that @jongiddy will continue to support this project with their expertise should any issues show up.
I will merge this PR once CI passed, this time it will run with additional fuzzing (3 minutes would hopefully catch obvious issues.
Thanks for merging. It is a pleasant surprise when a well-aged PR finally gets merged. This patch has been running with no problems in our infrastructure for 9 months, so I'm reasonably confident that it is an improvement with no major downsides. |
chore(deps): update compatible [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [anyhow](https://togithub.com/dtolnay/anyhow) | workspace.dependencies | patch | `1.0.72` -> `1.0.75` | | [base64](https://togithub.com/marshallpierce/rust-base64) | workspace.dependencies | patch | `0.21.2` -> `0.21.3` | | [bytesize](https://togithub.com/hyunsik/bytesize) | workspace.dependencies | minor | `1.2` -> `1.3` | | [clap](https://togithub.com/clap-rs/clap) | workspace.dependencies | minor | `4.3.23` -> `4.4.2` | | [filetime](https://togithub.com/alexcrichton/filetime) | workspace.dependencies | patch | `0.2.21` -> `0.2.22` | | [flate2](https://togithub.com/rust-lang/flate2-rs) | workspace.dependencies | patch | `1.0.26` -> `1.0.27` | | [memchr](https://togithub.com/BurntSushi/memchr) | workspace.dependencies | minor | `2.5.0` -> `2.6.2` | | [openssl](https://togithub.com/sfackler/rust-openssl) | workspace.dependencies | patch | `0.10.55` -> `0.10.57` | | [serde-untagged](https://togithub.com/dtolnay/serde-untagged) | workspace.dependencies | patch | `0.1.0` -> `0.1.1` | | [serde_json](https://togithub.com/serde-rs/json) | workspace.dependencies | patch | `1.0.104` -> `1.0.105` | | [snapbox](https://togithub.com/assert-rs/trycmd/tree/main/crates/snapbox) ([source](https://togithub.com/assert-rs/trycmd)) | workspace.dependencies | patch | `0.4.11` -> `0.4.12` | | [syn](https://togithub.com/dtolnay/syn) | workspace.dependencies | patch | `2.0.28` -> `2.0.29` | | [tar](https://togithub.com/alexcrichton/tar-rs) | workspace.dependencies | patch | `0.4.39` -> `0.4.40` | | [tempfile](https://stebalien.com/projects/tempfile-rs/) ([source](https://togithub.com/Stebalien/tempfile)) | workspace.dependencies | minor | `3.7.0` -> `3.8.0` | | [thiserror](https://togithub.com/dtolnay/thiserror) | workspace.dependencies | patch | `1.0.44` -> `1.0.47` | | [unicase](https://togithub.com/seanmonstar/unicase) | workspace.dependencies | minor | `2.6.0` -> `2.7.0` | | [url](https://togithub.com/servo/rust-url) | workspace.dependencies | patch | `2.4.0` -> `2.4.1` | --- ### Release Notes <details> <summary>dtolnay/anyhow (anyhow)</summary> ### [`v1.0.75`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.75) [Compare Source](https://togithub.com/dtolnay/anyhow/compare/1.0.74...1.0.75) - Partially work around rust-analyzer bug ([/~https://github.com/rust-lang/rust-analyzer/issues/9911](https://togithub.com/rust-lang/rust-analyzer/issues/9911)) ### [`v1.0.74`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.74) [Compare Source](https://togithub.com/dtolnay/anyhow/compare/1.0.73...1.0.74) - Add bootstrap workaround to allow rustc to depend on anyhow ([#​320](https://togithub.com/dtolnay/anyhow/issues/320), thanks [`@​RalfJung](https://togithub.com/RalfJung))` ### [`v1.0.73`](https://togithub.com/dtolnay/anyhow/releases/tag/1.0.73) [Compare Source](https://togithub.com/dtolnay/anyhow/compare/1.0.72...1.0.73) - Update backtrace support to nightly's new Error::provide API ([/~https://github.com/rust-lang/rust/pull/113464](https://togithub.com/rust-lang/rust/pull/113464), [#​319](https://togithub.com/dtolnay/anyhow/issues/319)) </details> <details> <summary>marshallpierce/rust-base64 (base64)</summary> ### [`v0.21.3`](https://togithub.com/marshallpierce/rust-base64/blob/HEAD/RELEASE-NOTES.md#0213) [Compare Source](https://togithub.com/marshallpierce/rust-base64/compare/v0.21.2...v0.21.3) - Implement `source` instead of `cause` on Error types - Roll back MSRV to 1.48.0 so Debian can continue to live in a time warp - Slightly faster chunked encoding for short inputs - Decrease binary size </details> <details> <summary>hyunsik/bytesize (bytesize)</summary> ### [`v1.3.0`](https://togithub.com/hyunsik/bytesize/releases/tag/v1.3.0): Release 1.3.0 [Compare Source](https://togithub.com/hyunsik/bytesize/compare/v1.2.0...v1.3.0) #### Changes - Improved performance by eliminating String creation by utilizing the original \&str slice [#​31](https://togithub.com/hyunsik/bytesize/issues/31) ([`@​ChanTsune](https://togithub.com/ChanTsune))` </details> <details> <summary>clap-rs/clap (clap)</summary> ### [`v4.4.2`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#442---2023-08-31) [Compare Source](https://togithub.com/clap-rs/clap/compare/v4.4.1...v4.4.2) ##### Performance - Improve build times by removing `once_cell` dependency ### [`v4.4.1`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#441---2023-08-28) [Compare Source](https://togithub.com/clap-rs/clap/compare/v4.4.0...v4.4.1) ##### Features - Stabilize `Command::styles` ### [`v4.4.0`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#440---2023-08-24) [Compare Source](https://togithub.com/clap-rs/clap/compare/v4.3.24...v4.4.0) ##### Compatibility - Update MSRV to 1.70.0 ### [`v4.3.24`](https://togithub.com/clap-rs/clap/blob/HEAD/CHANGELOG.md#4324---2023-08-23) [Compare Source](https://togithub.com/clap-rs/clap/compare/v4.3.23...v4.3.24) ##### Fixes - Ensure column padding is preserved in `--help` with custom templates </details> <details> <summary>alexcrichton/filetime (filetime)</summary> ### [`v0.2.22`](https://togithub.com/alexcrichton/filetime/compare/0.2.21...0.2.22) [Compare Source](https://togithub.com/alexcrichton/filetime/compare/0.2.21...0.2.22) </details> <details> <summary>rust-lang/flate2-rs (flate2)</summary> ### [`v1.0.27`](https://togithub.com/rust-lang/flate2-rs/releases/tag/1.0.27) [Compare Source](https://togithub.com/rust-lang/flate2-rs/compare/1.0.26...1.0.27) #### What's Changed - Move GzHeader into GzState by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/344](https://togithub.com/rust-lang/flate2-rs/pull/344) - Move blocked_partial_header_read test to read module by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/345](https://togithub.com/rust-lang/flate2-rs/pull/345) - Move gzip header parsing out of bufread module by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/346](https://togithub.com/rust-lang/flate2-rs/pull/346) - Fix a comment on the `Compression` struct by [`@​JohnTitor](https://togithub.com/JohnTitor)` in [/~https://github.com/rust-lang/flate2-rs/pull/351](https://togithub.com/rust-lang/flate2-rs/pull/351) - Add notes about multiple streams to `GzDecoder` by [`@​JohnTitor](https://togithub.com/JohnTitor)` in [/~https://github.com/rust-lang/flate2-rs/pull/347](https://togithub.com/rust-lang/flate2-rs/pull/347) - better error message when compiling with `--no-default-features` or `default-features = false` by [`@​Byron](https://togithub.com/Byron)` in [/~https://github.com/rust-lang/flate2-rs/pull/360](https://togithub.com/rust-lang/flate2-rs/pull/360) - Fix Read encoder examples by [`@​markgoddard](https://togithub.com/markgoddard)` in [/~https://github.com/rust-lang/flate2-rs/pull/356](https://togithub.com/rust-lang/flate2-rs/pull/356) - Add CIFuzz Github action by [`@​DavidKorczynski](https://togithub.com/DavidKorczynski)` in [/~https://github.com/rust-lang/flate2-rs/pull/326](https://togithub.com/rust-lang/flate2-rs/pull/326) - Fix GzDecoder Write partial filenames and comments by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/323](https://togithub.com/rust-lang/flate2-rs/pull/323) - Fix header CRC calculation of trailing zeros by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/363](https://togithub.com/rust-lang/flate2-rs/pull/363) - Fix broken link on README.md by [`@​wcampbell0x2a](https://togithub.com/wcampbell0x2a)` in [/~https://github.com/rust-lang/flate2-rs/pull/366](https://togithub.com/rust-lang/flate2-rs/pull/366) - Recommend MultiGzDecoder over GzDecoder in docs by [`@​jsha](https://togithub.com/jsha)` in [/~https://github.com/rust-lang/flate2-rs/pull/324](https://togithub.com/rust-lang/flate2-rs/pull/324) - Add functionality for custom (de)compress instances by [`@​PierreV23](https://togithub.com/PierreV23)` in [/~https://github.com/rust-lang/flate2-rs/pull/361](https://togithub.com/rust-lang/flate2-rs/pull/361) - Add maintenance document by [`@​Byron](https://togithub.com/Byron)` in [/~https://github.com/rust-lang/flate2-rs/pull/362](https://togithub.com/rust-lang/flate2-rs/pull/362) - Document that `read::GzDecoder` consumes bytes after end of gzip by [`@​jongiddy](https://togithub.com/jongiddy)` in [/~https://github.com/rust-lang/flate2-rs/pull/367](https://togithub.com/rust-lang/flate2-rs/pull/367) - prepare 1.0.27 release by [`@​Byron](https://togithub.com/Byron)` in [/~https://github.com/rust-lang/flate2-rs/pull/369](https://togithub.com/rust-lang/flate2-rs/pull/369) #### New Contributors - [`@​Byron](https://togithub.com/Byron)` made their first contribution in [/~https://github.com/rust-lang/flate2-rs/pull/360](https://togithub.com/rust-lang/flate2-rs/pull/360) - [`@​markgoddard](https://togithub.com/markgoddard)` made their first contribution in [/~https://github.com/rust-lang/flate2-rs/pull/356](https://togithub.com/rust-lang/flate2-rs/pull/356) - [`@​jsha](https://togithub.com/jsha)` made their first contribution in [/~https://github.com/rust-lang/flate2-rs/pull/324](https://togithub.com/rust-lang/flate2-rs/pull/324) - [`@​PierreV23](https://togithub.com/PierreV23)` made their first contribution in [/~https://github.com/rust-lang/flate2-rs/pull/361](https://togithub.com/rust-lang/flate2-rs/pull/361) **Full Changelog**: rust-lang/flate2-rs@1.0.26...1.0.27 </details> <details> <summary>BurntSushi/memchr (memchr)</summary> ### [`v2.6.2`](https://togithub.com/BurntSushi/memchr/compare/2.6.1...2.6.2) [Compare Source](https://togithub.com/BurntSushi/memchr/compare/2.6.1...2.6.2) ### [`v2.6.1`](https://togithub.com/BurntSushi/memchr/compare/2.6.0...2.6.1) [Compare Source](https://togithub.com/BurntSushi/memchr/compare/2.6.0...2.6.1) ### [`v2.6.0`](https://togithub.com/BurntSushi/memchr/compare/2.5.0...2.6.0) [Compare Source](https://togithub.com/BurntSushi/memchr/compare/2.5.0...2.6.0) </details> <details> <summary>sfackler/rust-openssl (openssl)</summary> ### [`v0.10.57`](https://togithub.com/sfackler/rust-openssl/releases/tag/openssl-v0.10.57) [Compare Source](https://togithub.com/sfackler/rust-openssl/compare/openssl-v0.10.56...openssl-v0.10.57) #### What's Changed - Expose chacha20\_poly1305 on LibreSSL by [`@​alex](https://togithub.com/alex)` in [/~https://github.com/sfackler/rust-openssl/pull/2011](https://togithub.com/sfackler/rust-openssl/pull/2011) - Add openssl::cipher_ctx::CipherCtx::clone by [`@​johntyner](https://togithub.com/johntyner)` in [/~https://github.com/sfackler/rust-openssl/pull/2017](https://togithub.com/sfackler/rust-openssl/pull/2017) - Add X509VerifyParam::set_email by [`@​dhouck](https://togithub.com/dhouck)` in [/~https://github.com/sfackler/rust-openssl/pull/2018](https://togithub.com/sfackler/rust-openssl/pull/2018) - Add perl-FindBin dep for fedora by [`@​JadedBlueEyes](https://togithub.com/JadedBlueEyes)` in [/~https://github.com/sfackler/rust-openssl/pull/2023](https://togithub.com/sfackler/rust-openssl/pull/2023) - Update to bitflags 2.2.1. by [`@​qwandor](https://togithub.com/qwandor)` in [/~https://github.com/sfackler/rust-openssl/pull/1906](https://togithub.com/sfackler/rust-openssl/pull/1906) - Release openssl v0.10.57 and openssl-sys v0.9.92 by [`@​alex](https://togithub.com/alex)` in [/~https://github.com/sfackler/rust-openssl/pull/2025](https://togithub.com/sfackler/rust-openssl/pull/2025) #### New Contributors - [`@​johntyner](https://togithub.com/johntyner)` made their first contribution in [/~https://github.com/sfackler/rust-openssl/pull/2017](https://togithub.com/sfackler/rust-openssl/pull/2017) - [`@​dhouck](https://togithub.com/dhouck)` made their first contribution in [/~https://github.com/sfackler/rust-openssl/pull/2018](https://togithub.com/sfackler/rust-openssl/pull/2018) - [`@​JadedBlueEyes](https://togithub.com/JadedBlueEyes)` made their first contribution in [/~https://github.com/sfackler/rust-openssl/pull/2023](https://togithub.com/sfackler/rust-openssl/pull/2023) - [`@​qwandor](https://togithub.com/qwandor)` made their first contribution in [/~https://github.com/sfackler/rust-openssl/pull/1906](https://togithub.com/sfackler/rust-openssl/pull/1906) **Full Changelog**: sfackler/rust-openssl@openssl-v0.10.56...openssl-v0.10.57 ### [`v0.10.56`](https://togithub.com/sfackler/rust-openssl/releases/tag/openssl-v0.10.56): openssl v0.10.56 [Compare Source](https://togithub.com/sfackler/rust-openssl/compare/openssl-v0.10.55...openssl-v0.10.56) </details> <details> <summary>dtolnay/serde-untagged (serde-untagged)</summary> ### [`v0.1.1`](https://togithub.com/dtolnay/serde-untagged/compare/0.1.0...0.1.1) [Compare Source](https://togithub.com/dtolnay/serde-untagged/compare/0.1.0...0.1.1) </details> <details> <summary>serde-rs/json (serde_json)</summary> ### [`v1.0.105`](https://togithub.com/serde-rs/json/releases/tag/v1.0.105) [Compare Source](https://togithub.com/serde-rs/json/compare/v1.0.104...v1.0.105) - Support bool in map keys ([#​1054](https://togithub.com/serde-rs/json/issues/1054)) </details> <details> <summary>assert-rs/trycmd (snapbox)</summary> ### [`v0.4.12`](https://togithub.com/assert-rs/trycmd/compare/snapbox-v0.4.11...snapbox-v0.4.12) [Compare Source](https://togithub.com/assert-rs/trycmd/compare/snapbox-v0.4.11...snapbox-v0.4.12) </details> <details> <summary>dtolnay/syn (syn)</summary> ### [`v2.0.29`](https://togithub.com/dtolnay/syn/releases/tag/2.0.29) [Compare Source](https://togithub.com/dtolnay/syn/compare/2.0.28...2.0.29) - Partially work around rust-analyzer bug ([/~https://github.com/rust-lang/rust-analyzer/issues/9911](https://togithub.com/rust-lang/rust-analyzer/issues/9911)) </details> <details> <summary>alexcrichton/tar-rs (tar)</summary> ### [`v0.4.40`](https://togithub.com/alexcrichton/tar-rs/compare/0.4.39...0.4.40) [Compare Source](https://togithub.com/alexcrichton/tar-rs/compare/0.4.39...0.4.40) </details> <details> <summary>Stebalien/tempfile (tempfile)</summary> ### [`v3.8.0`](https://togithub.com/Stebalien/tempfile/blob/HEAD/CHANGELOG.md#380) [Compare Source](https://togithub.com/Stebalien/tempfile/compare/v3.7.1...v3.8.0) - Added `with_prefix` and `with_prefix_in` to `TempDir` and `NamedTempFile` to make it easier to create temporary files/directories with nice prefixes. - Misc cleanups. ### [`v3.7.1`](https://togithub.com/Stebalien/tempfile/blob/HEAD/CHANGELOG.md#371) [Compare Source](https://togithub.com/Stebalien/tempfile/compare/v3.7.0...v3.7.1) - Tempfile builds on haiku again. - Under the hood, we've switched from the unlinkat/linkat syscalls to the regular unlink/link syscalls where possible. </details> <details> <summary>dtolnay/thiserror (thiserror)</summary> ### [`v1.0.47`](https://togithub.com/dtolnay/thiserror/releases/tag/1.0.47) [Compare Source](https://togithub.com/dtolnay/thiserror/compare/1.0.46...1.0.47) - Work around rust-analyzer bug ([/~https://github.com/rust-lang/rust-analyzer/issues/9911](https://togithub.com/rust-lang/rust-analyzer/issues/9911)) ### [`v1.0.46`](https://togithub.com/dtolnay/thiserror/releases/tag/1.0.46) [Compare Source](https://togithub.com/dtolnay/thiserror/compare/1.0.45...1.0.46) - Add bootstrap workaround to allow rustc to depend on thiserror ([#​248](https://togithub.com/dtolnay/thiserror/issues/248), thanks [`@​RalfJung](https://togithub.com/RalfJung))` ### [`v1.0.45`](https://togithub.com/dtolnay/thiserror/releases/tag/1.0.45) [Compare Source](https://togithub.com/dtolnay/thiserror/compare/1.0.44...1.0.45) - Update backtrace support to nightly's new Error::provide API ([/~https://github.com/rust-lang/rust/pull/113464](https://togithub.com/rust-lang/rust/pull/113464), [#​246](https://togithub.com/dtolnay/thiserror/issues/246)) </details> <details> <summary>seanmonstar/unicase (unicase)</summary> ### [`v2.7.0`](https://togithub.com/seanmonstar/unicase/releases/tag/v2.7.0) [Compare Source](https://togithub.com/seanmonstar/unicase/compare/v2.6.0...v2.7.0) #### What's Changed - Update to Unicode 15.0.0 by [`@​seanmonstar](https://togithub.com/seanmonstar)` in [/~https://github.com/seanmonstar/unicase/pull/59](https://togithub.com/seanmonstar/unicase/pull/59) </details> <details> <summary>servo/rust-url (url)</summary> ### [`v2.4.1`](https://togithub.com/servo/rust-url/releases/tag/v2.4.1) [Compare Source](https://togithub.com/servo/rust-url/compare/v2.4.0...v2.4.1) ##### What's Changed - Move debugger_visualizer tests to separate crate by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/853](https://togithub.com/servo/rust-url/pull/853) - Remove obsolete badge references by [`@​atouchet](https://togithub.com/atouchet)` in [/~https://github.com/servo/rust-url/pull/852](https://togithub.com/servo/rust-url/pull/852) - Fix trailing spaces in scheme / pathname / search setters by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/848](https://togithub.com/servo/rust-url/pull/848) - fix: implement std::error::Error for data-url by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/698](https://togithub.com/servo/rust-url/pull/698) - Enable the GitHub merge queue by [`@​mrobinson](https://togithub.com/mrobinson)` in [/~https://github.com/servo/rust-url/pull/851](https://togithub.com/servo/rust-url/pull/851) - Rewrite WPT runner by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/857](https://togithub.com/servo/rust-url/pull/857) - Implement std::error::Error for InvalidBase64 by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/856](https://togithub.com/servo/rust-url/pull/856) - Add `--generate-link-to-definition` option when building on docs.rs by [`@​GuillaumeGomez](https://togithub.com/GuillaumeGomez)` in [/~https://github.com/servo/rust-url/pull/858](https://togithub.com/servo/rust-url/pull/858) - Stabilize debugger_visualizer feature by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/855](https://togithub.com/servo/rust-url/pull/855) - Update WPT data and expectations by [`@​lucacasonato](https://togithub.com/lucacasonato)` in [/~https://github.com/servo/rust-url/pull/859](https://togithub.com/servo/rust-url/pull/859) - Fix no_std Support for idna by [`@​domenukk](https://togithub.com/domenukk)` in [/~https://github.com/servo/rust-url/pull/843](https://togithub.com/servo/rust-url/pull/843) - Fix panic in set_path for file URLs by [`@​valenting](https://togithub.com/valenting)` in [/~https://github.com/servo/rust-url/pull/865](https://togithub.com/servo/rust-url/pull/865) ##### New Contributors - [`@​mrobinson](https://togithub.com/mrobinson)` made their first contribution in [/~https://github.com/servo/rust-url/pull/851](https://togithub.com/servo/rust-url/pull/851) - [`@​GuillaumeGomez](https://togithub.com/GuillaumeGomez)` made their first contribution in [/~https://github.com/servo/rust-url/pull/858](https://togithub.com/servo/rust-url/pull/858) - [`@​domenukk](https://togithub.com/domenukk)` made their first contribution in [/~https://github.com/servo/rust-url/pull/843](https://togithub.com/servo/rust-url/pull/843) **Full Changelog**: servo/rust-url@v2.4.0...v2.4.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/rust-lang/cargo). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi42OC4xIiwidXBkYXRlZEluVmVyIjoiMzYuNjguMSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
If the gzip header contains an optional filename or comment but they are not completely contained in the first buffer sent to a
write::GzDecoder
, then a valid header is created, missing data from these optional sections. A subsequent write call with the remaining header will treat the remaining header as encoded data and attempt to decode it, making the file appear to be corrupt.This change rewrites the header parsing code to handle partial headers correctly for both
Read
(whereWouldBlock
is handled specially) andWrite
(whereUnexpectedEof
is handled specially).The parsing code moves from
bufread.rs
tomod.rs
to emphasize that it is also used bywrite.rs
.write.rs
no longer uses any symbols frombufread.rs
.The only test in
bufread.rs
testedBuffer
which is no longer needed, so it was removed. The support code in thebufread
tests module was used by a test inmod.rs
which tests aread::GzDecoder
so the support code and the test move toread.rs
.Fixes #320