[PATCH 1/1] lib/zlib: DFLTCC deflate does not write all available bits for Z_NO_FLUSH

[Mikhail Zaslonko]

DFLTCC deflate with Z_NO_FLUSH might generate a corrupted stream when
the output buffer is not large enough to fit all the deflate output at
once. The problem takes place on closing the deflate block since
flush_pending() might leave some output bits not written.
Similar problem for software deflate with Z_BLOCK flush option (not
supported by kernel zlib deflate) has been fixed a while ago in userspace
zlib but the fix never got to the kernel.
Now flush_pending() flushes the bit buffer before copying out the byte buffer,
in order to really flush as much as possible.
Currently there are no users of DFLTCC deflate with Z_NO_FLUSH option in the
kernel so the problem remained hidden for a while.

This commit is based on the old zlib commit:
https://github.com/madler/zlib/commit/0b828b4

Signed-off-by: Mikhail Zaslonko <zaslonko@xxxxxxxxxxxxx>
Acked-by: Ilya Leoshkevich <iii@xxxxxxxxxxxxx>
---
 lib/zlib_deflate/defutil.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/zlib_deflate/defutil.h b/lib/zlib_deflate/defutil.h
index 385333b22ec6..4ea40f5a279f 100644
--- a/lib/zlib_deflate/defutil.h
+++ b/lib/zlib_deflate/defutil.h
@@ -420,9 +420,11 @@ static inline void flush_pending(
 	z_streamp strm
 )
 {
+    unsigned len;
     deflate_state *s = (deflate_state *) strm->state;
-    unsigned len = s->pending;
 
+    bi_flush(s);
+    len = s->pending;
     if (len > strm->avail_out) len = strm->avail_out;
     if (len == 0) return;
 
-- 
2.37.2