zlib-ng
diff --git a/‎configure
Lines changed: 9 additions & 176 deletions b/‎configure
Lines changed: 9 additions & 176 deletions
diff --git a/‎crc32.c
Lines changed: 1 addition & 1 deletion b/‎crc32.c
Lines changed: 1 addition & 1 deletion
diff --git a/‎deflate.h
Lines changed: 1 addition & 1 deletion b/‎deflate.h
Lines changed: 1 addition & 1 deletion
diff --git a/‎gzguts.h
Lines changed: 7 additions & 23 deletions b/‎gzguts.h
Lines changed: 7 additions & 23 deletions
diff --git a/‎gzlib.c
Lines changed: 0 additions & 14 deletions b/‎gzlib.c
Lines changed: 0 additions & 14 deletions
@@ -551,193 +551,26 @@ fi
 
 echo >> configure.log
 
-# conduct a series of tests to resolve eight possible cases of using "vs" or "s" printf functions
-# (using stdarg or not), with or without "n" (proving size of buffer), and with or without a
-# return value.  The most secure result is vsnprintf() with a return value.  snprintf() with a
-# return value is secure as well, but then gzprintf() will be limited to 20 arguments.
+# Check for ANSI C compliant compiler
 cat > $test.c <<EOF
 #include <stdio.h>
 #include <stdarg.h>
 #include "zconf.h"
 int main()
 {
-#ifndef STDC
-  choke me
-#endif
+#ifdef STDC
   return 0;
+#endif
+  return 1;
 }
 EOF
 if try $CC -c $CFLAGS $test.c; then
-  echo "Checking whether to use vs[n]printf() or s[n]printf()... using vs[n]printf()." | tee -a configure.log
-
-  echo >> configure.log
-  cat > $test.c <<EOF
-#include <stdio.h>
-#include <stdarg.h>
-int mytest(const char *fmt, ...)
-{
-  char buf[20];
-  va_list ap;
-  va_start(ap, fmt);
-  vsnprintf(buf, sizeof(buf), fmt, ap);
-  va_end(ap);
-  return 0;
-}
-int main()
-{
-  return (mytest("Hello%d\n", 1));
-}
-EOF
-  if try $CC $CFLAGS -o $test $test.c; then
-    echo "Checking for vsnprintf() in stdio.h... Yes." | tee -a configure.log
-
-    echo >> configure.log
-    cat >$test.c <<EOF
-#include <stdio.h>
-#include <stdarg.h>
-int mytest(const char *fmt, ...)
-{
-  int n;
-  char buf[20];
-  va_list ap;
-  va_start(ap, fmt);
-  n = vsnprintf(buf, sizeof(buf), fmt, ap);
-  va_end(ap);
-  return n;
-}
-int main()
-{
-  return (mytest("Hello%d\n", 1));
-}
-EOF
-
-    if try $CC -c $CFLAGS $test.c; then
-      echo "Checking for return value of vsnprintf()... Yes." | tee -a configure.log
-    else
-      CFLAGS="$CFLAGS -DHAS_vsnprintf_void"
-      SFLAGS="$SFLAGS -DHAS_vsnprintf_void"
-      echo "Checking for return value of vsnprintf()... No." | tee -a configure.log
-      echo "  WARNING: apparently vsnprintf() does not return a value. zlib" | tee -a configure.log
-      echo "  can build but will be open to possible string-format security" | tee -a configure.log
-      echo "  vulnerabilities." | tee -a configure.log
-    fi
-  else
-    CFLAGS="$CFLAGS -DNO_vsnprintf"
-    SFLAGS="$SFLAGS -DNO_vsnprintf"
-    echo "Checking for vsnprintf() in stdio.h... No." | tee -a configure.log
-    echo "  WARNING: vsnprintf() not found, falling back to vsprintf(). zlib" | tee -a configure.log
-    echo "  can build but will be open to possible buffer-overflow security" | tee -a configure.log
-    echo "  vulnerabilities." | tee -a configure.log
-
-    echo >> configure.log
-    cat >$test.c <<EOF
-#include <stdio.h>
-#include <stdarg.h>
-int mytest(const char *fmt, ...)
-{
-  int n;
-  char buf[20];
-  va_list ap;
-  va_start(ap, fmt);
-  n = vsprintf(buf, fmt, ap);
-  va_end(ap);
-  return n;
-}
-int main()
-{
-  return (mytest("Hello%d\n", 1));
-}
-EOF
-
-    if try $CC -c $CFLAGS $test.c; then
-      echo "Checking for return value of vsprintf()... Yes." | tee -a configure.log
-    else
-      CFLAGS="$CFLAGS -DHAS_vsprintf_void"
-      SFLAGS="$SFLAGS -DHAS_vsprintf_void"
-      echo "Checking for return value of vsprintf()... No." | tee -a configure.log
-      echo "  WARNING: apparently vsprintf() does not return a value. zlib" | tee -a configure.log
-      echo "  can build but will be open to possible string-format security" | tee -a configure.log
-      echo "  vulnerabilities." | tee -a configure.log
-    fi
-  fi
+  echo "Checking for ANSI C compliant compiler...  Yes." | tee -a configure.log
+  :
 else
-  echo "Checking whether to use vs[n]printf() or s[n]printf()... using s[n]printf()." | tee -a configure.log
-
-  echo >> configure.log
-  cat >$test.c <<EOF
-#include <stdio.h>
-int mytest()
-{
-  char buf[20];
-  snprintf(buf, sizeof(buf), "%s", "foo");
-  return 0;
-}
-int main()
-{
-  return (mytest());
-}
-EOF
-
-  if try $CC $CFLAGS -o $test $test.c; then
-    echo "Checking for snprintf() in stdio.h... Yes." | tee -a configure.log
-
-    echo >> configure.log
-    cat >$test.c <<EOF
-#include <stdio.h>
-int mytest()
-{
-  char buf[20];
-  return snprintf(buf, sizeof(buf), "%s", "foo");
-}
-int main()
-{
-  return (mytest());
-}
-EOF
-
-    if try $CC -c $CFLAGS $test.c; then
-      echo "Checking for return value of snprintf()... Yes." | tee -a configure.log
-    else
-      CFLAGS="$CFLAGS -DHAS_snprintf_void"
-      SFLAGS="$SFLAGS -DHAS_snprintf_void"
-      echo "Checking for return value of snprintf()... No." | tee -a configure.log
-      echo "  WARNING: apparently snprintf() does not return a value. zlib" | tee -a configure.log
-      echo "  can build but will be open to possible string-format security" | tee -a configure.log
-      echo "  vulnerabilities." | tee -a configure.log
-    fi
-  else
-    CFLAGS="$CFLAGS -DNO_snprintf"
-    SFLAGS="$SFLAGS -DNO_snprintf"
-    echo "Checking for snprintf() in stdio.h... No." | tee -a configure.log
-    echo "  WARNING: snprintf() not found, falling back to sprintf(). zlib" | tee -a configure.log
-    echo "  can build but will be open to possible buffer-overflow security" | tee -a configure.log
-    echo "  vulnerabilities." | tee -a configure.log
-
-    echo >> configure.log
-    cat >$test.c <<EOF
-#include <stdio.h>
-int mytest()
-{
-  char buf[20];
-  return sprintf(buf, "%s", "foo");
-}
-int main()
-{
-  return (mytest());
-}
-EOF
-
-    if try $CC -c $CFLAGS $test.c; then
-      echo "Checking for return value of sprintf()... Yes." | tee -a configure.log
-    else
-      CFLAGS="$CFLAGS -DHAS_sprintf_void"
-      SFLAGS="$SFLAGS -DHAS_sprintf_void"
-      echo "Checking for return value of sprintf()... No." | tee -a configure.log
-      echo "  WARNING: apparently sprintf() does not return a value. zlib" | tee -a configure.log
-      echo "  can build but will be open to possible string-format security" | tee -a configure.log
-      echo "  vulnerabilities." | tee -a configure.log
-    fi
-  fi
+  echo "Checking for ANSI C compliant compiler...  No." | tee -a configure.log
+  echo "Error: ANSI C compatible compiler needed, cannot continue." | tee -a configure.log
+  leave 1
 fi
 
 # see if we can hide zlib internal symbols that are linked between separate source files
 
@@ -28,7 +28,7 @@
 #  endif /* !DYNAMIC_CRC_TABLE */
 #endif /* MAKECRCH */
 
-#include "zutil.h"      /* for STDC definitions */
+#include "zutil.h"
 
 #define local static
 
 
@@ -351,7 +351,7 @@ void ZLIB_INTERNAL bi_windup OF((deflate_state *s));
 #ifndef DEBUG
 /* Inline versions of _tr_tally for speed: */
 
-#if defined(GEN_TREES_H) || !defined(STDC)
+#if defined(GEN_TREES_H)
   extern uch ZLIB_INTERNAL _length_code[];
   extern uch ZLIB_INTERNAL _dist_code[];
 #else
 
@@ -20,11 +20,9 @@
 
 #include <stdio.h>
 #include "zlib.h"
-#ifdef STDC
-#  include <string.h>
-#  include <stdlib.h>
-#  include <limits.h>
-#endif
+#include <string.h>
+#include <stdlib.h>
+#include <limits.h>
 #include <fcntl.h>
 
 #ifdef _WIN32
@@ -46,19 +44,11 @@
 #  define NO_GZCOMPRESS
 #endif
 
-#if defined(STDC99) || defined(__CYGWIN__)
-#  ifndef HAVE_VSNPRINTF
-#    define HAVE_VSNPRINTF
-#  endif
-#endif
-
-#ifndef HAVE_VSNPRINTF
-#  ifdef WIN32
 /* In Win32, vsnprintf is available as the "non-ANSI" _vsnprintf. */
-#    if !defined(vsnprintf) && !defined(NO_vsnprintf)
-#      if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
-#         define vsnprintf _vsnprintf
-#      endif
+#if !defined(STDC99) && !defined(__CYGWIN__) && defined(WIN32)
+#  if !defined(vsnprintf)
+#    if !defined(_MSC_VER) || ( defined(_MSC_VER) && _MSC_VER < 1500 )
+#       define vsnprintf _vsnprintf
 #    endif
 #  endif
 #endif
@@ -76,12 +66,6 @@
 #endif
 /* compile with -Dlocal if your debugger can't find static symbols */
 
-/* gz* functions always use library allocation functions */
-#ifndef STDC
-  extern voidp  malloc OF((uInt size));
-  extern void   free   OF((voidpf ptr));
-#endif
-
 /* get errno and strerror definition */
 #if defined UNDER_CE
 #  include <windows.h>
 
@@ -210,11 +210,7 @@ local gzFile gz_open(path, fd, mode)
             *(state->path) = 0;
     else
 #endif
-#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
         snprintf(state->path, len + 1, "%s", (const char *)path);
-#else
-        strcpy(state->path, path);
-#endif
 
     /* compute the flags for open() */
     oflag =
@@ -290,11 +286,7 @@ gzFile ZEXPORT gzdopen(fd, mode)
 
     if (fd == -1 || (path = (char *)malloc(7 + 3 * sizeof(int))) == NULL)
         return NULL;
-#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
     snprintf(path, 7 + 3 * sizeof(int), "<fd:%d>", fd); /* for debugging */
-#else
-    sprintf(path, "<fd:%d>", fd);   /* for debugging */
-#endif
     gz = gz_open(path, fd, mode);
     free(path);
     return gz;
@@ -603,14 +595,8 @@ void ZLIB_INTERNAL gz_error(state, err, msg)
         state->err = Z_MEM_ERROR;
         return;
     }
-#if !defined(NO_snprintf) && !defined(NO_vsnprintf)
     snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
              "%s%s%s", state->path, ": ", msg);
-#else
-    strcpy(state->msg, state->path);
-    strcat(state->msg, ": ");
-    strcat(state->msg, msg);
-#endif
     return;
 }