nodejs · nodejs-github-bot · Jun 10, 2025 · Jun 8, 2025 · Jun 8, 2025
diff --git a/deps/zlib/BUILD.gn b/deps/zlib/BUILD.gn
@@ -173,25 +173,31 @@ if (use_arm_neon_optimizations) {
   }
 }
 
-config("zlib_inflate_chunk_simd_config") {
+config("zlib_data_chunk_simd_config") {
   if (use_x86_x64_optimizations) {
     defines = [ "INFLATE_CHUNK_SIMD_SSE2" ]
 
     if (current_cpu == "x64") {
-      defines += [ "INFLATE_CHUNK_READ_64LE" ]
+      defines += [
+        "INFLATE_CHUNK_READ_64LE",
+        "DEFLATE_CHUNK_WRITE_64LE",
+      ]
     }
   }
 
   if (use_arm_neon_optimizations) {
     defines = [ "INFLATE_CHUNK_SIMD_NEON" ]
 
     if (current_cpu == "arm64") {
-      defines += [ "INFLATE_CHUNK_READ_64LE" ]
+      defines += [
+        "INFLATE_CHUNK_READ_64LE",
+        "DEFLATE_CHUNK_WRITE_64LE",
+      ]
     }
   }
 }
 
-source_set("zlib_inflate_chunk_simd") {
+source_set("zlib_data_chunk_simd") {
   visibility = [ ":*" ]
 
   if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
@@ -213,7 +219,7 @@ source_set("zlib_inflate_chunk_simd") {
   configs += [ "//build/config/compiler:no_chromium_code" ]
   configs += [ ":zlib_warnings" ]
 
-  public_configs = [ ":zlib_inflate_chunk_simd_config" ]
+  public_configs = [ ":zlib_data_chunk_simd_config" ]
 
   public_deps = [ ":zlib_common_headers" ]
 }
@@ -336,7 +342,7 @@ component("zlib") {
   if (use_x86_x64_optimizations || use_arm_neon_optimizations) {
     deps += [
       ":zlib_adler32_simd",
-      ":zlib_inflate_chunk_simd",
+      ":zlib_data_chunk_simd",
       ":zlib_slide_hash_simd",
     ]
 

diff --git a/deps/zlib/CMakeLists.txt b/deps/zlib/CMakeLists.txt
@@ -3,7 +3,7 @@ set(CMAKE_ALLOW_LOOSE_LOOP_CONSTRUCTS ON)
 
 project(zlib C)
 
-set(VERSION "1.3.0.1")
+set(VERSION "1.3.1")
 
 set(INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Installation directory for executables")
 set(INSTALL_LIB_DIR "${CMAKE_INSTALL_PREFIX}/lib" CACHE PATH "Installation directory for libraries")
@@ -47,6 +47,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DINFLATE_CHUNK_SIMD_SSE2)
     add_definitions(-DADLER32_SIMD_SSSE3)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
     add_definitions(-DCRC32_SIMD_SSE42_PCLMUL)
     if (ENABLE_SIMD_AVX512)
       add_definitions(-DCRC32_SIMD_AVX512_PCLMUL)
@@ -64,6 +65,7 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DINFLATE_CHUNK_SIMD_NEON)
     add_definitions(-DADLER32_SIMD_NEON)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
     add_definitions(-DCRC32_ARMV8_CRC32)
     add_definitions(-DDEFLATE_SLIDE_HASH_NEON)
     # Required by CPU features detection code.
@@ -83,10 +85,13 @@ if (ENABLE_SIMD_OPTIMIZATIONS)
     add_definitions(-DDEFLATE_SLIDE_HASH_RVV)
     add_definitions(-DADLER32_SIMD_RVV)
 
-    # TODO(cavalcantii): add remaining flags as we port optimizations to RVV.
     # chunk_copy is required for READ64 and unconditional decode of literals.
     add_definitions(-DINFLATE_CHUNK_GENERIC)
     add_definitions(-DINFLATE_CHUNK_READ_64LE)
+    add_definitions(-DDEFLATE_CHUNK_WRITE_64LE)
+
+    # TODO(cavalcantii): only missing optimization is SLIDE_HASH, got port it
+    # to RISCV.
 
     # Tested with clang-17, unaligned loads are required by read64 & chunk_copy.
     # TODO(cavalcantii): replace internal clang flags for -munaligned-access
@@ -267,7 +272,9 @@ if(MINGW)
 endif(MINGW)
 
 add_library(zlib SHARED ${ZLIB_SRCS} ${ZLIB_DLL_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlib PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 add_library(zlibstatic STATIC ${ZLIB_SRCS} ${ZLIB_PUBLIC_HDRS} ${ZLIB_PRIVATE_HDRS})
+target_include_directories(zlibstatic PUBLIC ${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR})
 set_target_properties(zlib PROPERTIES DEFINE_SYMBOL ZLIB_DLL)
 set_target_properties(zlib PROPERTIES SOVERSION 1)
 

diff --git a/deps/zlib/OWNERS b/deps/zlib/OWNERS
@@ -1,4 +1,3 @@
-agl@chromium.org
 cavalcantii@chromium.org
-cblume@chromium.org
-scroggo@google.com
+hans@chromium.org
+agl@chromium.org  #{LAST_RESORT_SUGGESTION}
diff --git a/deps/zlib/README.chromium b/deps/zlib/README.chromium
@@ -1,9 +1,9 @@
 Name: zlib
 Short Name: zlib
 URL: http://zlib.net/
-Version: 1.3.0.1
-Revision: ac8f12c97d1afd9bafa9c710f827d40a407d3266
-CPEPrefix: cpe:/a:zlib:zlib:1.3.0.1
+Version: 1.3.1
+Revision: 51b7f2abdade71cd9bb0e7a373ef2610ec6f9daf
+CPEPrefix: cpe:/a:zlib:zlib:1.3.1
 Security Critical: yes
 Shipped: yes
 License: Zlib
@@ -21,14 +21,17 @@ also implements the zlib (RFC 1950) and gzip (RFC 1952) wrapper formats.
 Local Modifications:
  - Only source code from the zlib distribution used to build the zlib and
    minizip libraries are present. Many other files have been omitted. Only *.c
-   and *.h files from the upstream root directory and contrib/minizip were
-   imported.
+   and *.h files from the upstream root directory, contrib/minizip and
+   examples/zpipe.c were imported.
+ - The files named '*simd*' are original x86/Arm/RISC-V specific optimizations.
  - The contents of the google directory are original Chromium-specific
    additions.
+ - The contents of the 'contrib' of directory are either Chromium-specific
+   additions or heavily patched zlib files (e.g. inffast_chunk*).
  - Added chromeconf.h
  - Plus the changes in 'patches' folder.
  - Code in contrib/ other than contrib/minizip was added to match zlib's
    contributor layout.
- - In sync with 1.2.13 official release
+ - In sync with 1.3.1 official release
  - ZIP reader modified to allow for progress callbacks during extraction.
  - ZIP reader modified to add detection of AES encrypted content.
diff --git a/deps/zlib/contrib/minizip/README.chromium b/deps/zlib/contrib/minizip/README.chromium
@@ -34,3 +34,8 @@ Local Modifications:
   https://pkware.cachefly.net/webdocs/casestudies/APPNOTE.TXT section 4.6.9.
   (see crrev.com/1002476)
   0016-minizip-parse-unicode-path-extra-field.patch
+
+- Added support for zip64 archives that have extra bytes on front (for example,
+  large CRX files).
+  0018-support-prefixed-zip64.patch
+
diff --git a/deps/zlib/contrib/minizip/unzip.c b/deps/zlib/contrib/minizip/unzip.c
@@ -482,6 +482,46 @@ local ZPOS64_T unz64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
     if (uL != 1)
         return CENTRALDIRINVALID;
 
+    /* If bytes are pre-pended to the archive, relativeOffset must be advanced
+       by that many bytes. The central dir must exist between the specified
+       relativeOffset and uPosFound. */
+    if (relativeOffset > uPosFound)
+        return CENTRALDIRINVALID;
+    const int BUFSIZE = 1024 * 4;
+    buf = (unsigned char*)ALLOC(BUFSIZE);
+    if (buf==NULL)
+        return CENTRALDIRINVALID;
+    // Zip64 EOCDR is at least 48 bytes long.
+    while (uPosFound - relativeOffset >= 48) {
+        int found = 0;
+        uLong uReadSize = uPosFound - relativeOffset;
+        if (uReadSize > BUFSIZE) {
+            uReadSize = BUFSIZE;
+        }
+        if (ZSEEK64(*pzlib_filefunc_def, filestream, relativeOffset, ZLIB_FILEFUNC_SEEK_SET) != 0) {
+            break;
+        }
+        if (ZREAD64(*pzlib_filefunc_def, filestream, buf, uReadSize) != uReadSize) {
+            break;
+        }
+        for (int i = 0; i < uReadSize - 3; ++i) {
+            // Looking for 0x06064b50, the Zip64 EOCDR signature.
+            if (buf[i] == 0x50 && buf[i + 1] == 0x4b &&
+                buf[i + 2] == 0x06 && buf[i + 3] == 0x06)
+            {
+                relativeOffset += i;
+                found = 1;
+                break;
+            }
+        }
+        if (found) {
+            break;
+        }
+        // Re-read the last 3 bytes, in case they're the front of the signature.
+        relativeOffset += uReadSize - 3;
+    }
+    free(buf);
+
     /* Goto end of central directory record */
     if (ZSEEK64(*pzlib_filefunc_def,filestream, relativeOffset,ZLIB_FILEFUNC_SEEK_SET)!=0)
         return CENTRALDIRINVALID;
@@ -1005,6 +1045,8 @@ local int unz64local_GetCurrentFileInfoInternal(unzFile file,
                     {
                         uLong uSizeRead;
 
+                        file_info.size_filename = fileNameSize;
+
                         if (fileNameSize < fileNameBufferSize)
                         {
                              *(szFileName + fileNameSize) = '\0';

diff --git a/deps/zlib/contrib/tests/fuzzers/BUILD.gn b/deps/zlib/contrib/tests/fuzzers/BUILD.gn
@@ -43,3 +43,9 @@ fuzzer_test("zlib_deflate_fuzzer") {
   sources = [ "deflate_fuzzer.cc" ]
   deps = [ "../../../:zlib" ]
 }
+
+fuzzer_test("minizip_unzip_fuzzer") {
+  sources = [ "minizip_unzip_fuzzer.cc" ]
+  deps = [ "../../../:minizip" ]
+  include_dirs = [ "//third_party/zlib/contrib/minizip" ]
+}
diff --git a/deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc b/deps/zlib/contrib/tests/fuzzers/minizip_unzip_fuzzer.cc
@@ -0,0 +1,119 @@
+// Copyright 2025 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <algorithm>
+#include <cstdint>
+#include <cstring>
+#include <vector>
+
+#include "unzip.h"
+
+// Fuzzer builds often have NDEBUG set, so roll our own assert macro.
+#define ASSERT(cond)                                                           \
+  do {                                                                         \
+    if (!(cond)) {                                                             \
+      fprintf(stderr, "%s:%d Assert failed: %s\n", __FILE__, __LINE__, #cond); \
+      exit(1);                                                                 \
+    }                                                                          \
+  } while (0)
+
+extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
+  // Mock read-only filesystem with only one file, file_data. In the calls
+  // below, 'opaque' points to file_data, and 'strm' points to the file's seek
+  // position, which is heap allocated so that failing to "close" it triggers a
+  // leak error.
+  std::vector<uint8_t> file_data(data, data + size);
+  zlib_filefunc64_def file_func = {
+      .zopen64_file = [](void* opaque, const void* filename,
+                         int mode) -> void* {
+        ASSERT(mode == (ZLIB_FILEFUNC_MODE_READ | ZLIB_FILEFUNC_MODE_EXISTING));
+        return new size_t(0);
+      },
+      .zread_file = [](void* opaque, void* strm, void* buf,
+                       uLong size) -> uLong {
+        std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+        size_t* pos = static_cast<size_t*>(strm);
+        if (*pos >= vec->size()) {
+          return 0;
+        }
+        size = std::min(static_cast<size_t>(size), vec->size() - *pos);
+        memcpy(buf, vec->data() + *pos, size);
+        (*pos) += size;
+        return size;
+      },
+      .zwrite_file = [](void*, void*, const void*, uLong) -> uLong {
+        ASSERT(0 && "Writing is not supported.");
+        return 0;
+      },
+      .ztell64_file = [](void*, void* strm) -> ZPOS64_T {
+        return *static_cast<size_t*>(strm);
+      },
+      .zseek64_file = [](void* opaque, void* strm, ZPOS64_T offset,
+                         int origin) -> long {
+        std::vector<uint8_t>* vec = static_cast<std::vector<uint8_t>*>(opaque);
+        size_t* pos = static_cast<size_t*>(strm);
+        switch (origin) {
+          case ZLIB_FILEFUNC_SEEK_SET:
+            *pos = offset;
+            break;
+          case ZLIB_FILEFUNC_SEEK_CUR:
+            *pos = *pos + offset;
+            break;
+          case ZLIB_FILEFUNC_SEEK_END:
+            *pos = vec->size() + offset;
+            break;
+          default:
+            ASSERT(0 && "Invalid origin");
+        }
+        return 0;
+      },
+      .zclose_file = [](void*, void* strm) -> int {
+        delete static_cast<size_t*>(strm);
+        return 0;
+      },
+      .zerror_file = [](void*, void*) -> int { return 0; },
+      .opaque = &file_data};
+
+  unzFile uzf = unzOpen2_64("foo.zip", &file_func);
+  if (uzf == NULL) {
+    return 0;
+  }
+
+  while (true) {
+    unz_file_info64 info = {0};
+
+    // TODO: Pass nullptrs and different buffer sizes to cover more code.
+    char filename[UINT16_MAX + 1];  // +1 for the null terminator.
+    char extra[UINT16_MAX];         // No null terminator.
+    char comment[UINT16_MAX + 1];   // +1 for the null terminator.
+
+    if (unzGetCurrentFileInfo64(uzf, &info, filename, sizeof(filename), extra,
+                                sizeof(extra), comment, sizeof(comment)) == UNZ_OK) {
+      ASSERT(info.size_filename <= UINT16_MAX);
+      ASSERT(info.size_file_extra <= UINT16_MAX);
+      ASSERT(info.size_file_comment <= UINT16_MAX);
+
+      ASSERT(filename[info.size_filename] == '\0');
+      ASSERT(comment[info.size_file_comment] == '\0');
+    }
+
+    if (unzOpenCurrentFile(uzf) == UNZ_OK) {
+      while (true) {
+        char buffer[4096];
+        int num_read = unzReadCurrentFile(uzf, buffer, sizeof(buffer));
+        if (num_read <= 0) {
+          break;
+        }
+      }
+      unzCloseCurrentFile(uzf);
+    }
+
+    if (unzGoToNextFile(uzf) != UNZ_OK) {
+      break;
+    }
+  }
+
+  unzClose(uzf);
+  return 0;
+}