Merge pull request #263444 from trofi/zsnes-zlib-1.3-fix

    sha256 = "1gy79d5wdaacph0cc1amw7mqm7i0716n6mvav16p1svi26iz193v";

  };

  patches = [

    ./zlib-1.3.patch

    ./fortify3.patch

  ];

  buildInputs = [ nasm SDL zlib libpng ncurses libGLU libGL ];

  prePatch = ''

pal16bxcl is an array of 256 dwords, not bytes:

    src/endmem.asm:NEWSYM pal16bxcl, resd 256

While at it fixes off-by-4 out of bounds exit.

Detected by _FORTIFY_SOURCE=3:

    *** buffer overflow detected ***: terminated

    #7  0x08057c14 in memset (__len=2, __ch=255, __dest=<optimized out>) at ...-glibc-2.38-23-dev/include/bits/string_fortified.h:59

#8  clearmem () at initc.c:1461

--- a/src/initc.c

+++ b/src/initc.c

@@ -1389,7 +1389,7 @@ extern unsigned char vidmemch8[4096];

 extern unsigned char pal16b[1024];

 extern unsigned char pal16bcl[1024];

 extern unsigned char pal16bclha[1024];

-extern unsigned char pal16bxcl[256];

+extern unsigned char pal16bxcl[1024];

 extern unsigned char SPCRAM[65472];

 unsigned char *SPCState = SPCRAM;

@@ -1456,7 +1456,7 @@ void clearmem()

   memset(pal16b, 0, 1024);

   memset(pal16bcl, 0, 1024);

   memset(pal16bclha, 0, 1024);

-  for (i=0 ; i<1024 ; i+=4)

+  for (i=0 ; i<1024-4 ; i+=4)

   {

     memset(pal16bxcl+i, 255, 2);

     memset(pal16bxcl+i+2, 0, 2);

Add support for 2-digit zlib version like "1.3".

--- a/src/acinclude.m4

+++ b/src/acinclude.m4

@@ -67,7 +67,7 @@ char* my_strdup (char *str)

 int main (int argc, char *argv[])

 {

-  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version;

+  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version = 0;

   char *zlibver, *tmp_version;

@@ -85,7 +85,7 @@ int main (int argc, char *argv[])

     printf("%s, bad version string for\n\tmin_zlib_version... ", "$min_zlib_version");

     exit(1);

   }

-  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3) {

+  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3 && sscanf(zlibver, "%d.%d", &zlib_major_version, &zlib_minor_version) != 2) {

     printf("%s, bad version string given\n", zlibver);

     puts("\tby zlib, sometimes due to very old zlibs that didnt correctly");

     printf("\tdefine their version. Please upgrade if you are running an\n\told zlib... ");

--- a/src/configure

+++ b/src/configure

@@ -3817,7 +3817,7 @@ char* my_strdup (char *str)

 int main (int argc, char *argv[])

 {

-  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version;

+  int major, minor, micro, zlib_major_version, zlib_minor_version, zlib_micro_version = 0;

   char *zlibver, *tmp_version;

@@ -3835,7 +3835,7 @@ int main (int argc, char *argv[])

     printf("%s, bad version string for\n\tmin_zlib_version... ", "$min_zlib_version");

     exit(1);

   }

-  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3) {

+  if (sscanf(zlibver, "%d.%d.%d", &zlib_major_version, &zlib_minor_version, &zlib_micro_version) != 3 && sscanf(zlibver, "%d.%d", &zlib_major_version, &zlib_minor_version) != 2) {

     printf("%s, bad version string given\n", zlibver);

     puts("\tby zlib, sometimes due to very old zlibs that didnt correctly");

     printf("\tdefine their version. Please upgrade if you are running an\n\told zlib... ");