Implement gzfwrite and add null buffer check to gzfread

brianpane · brianpane · commit 1d61e9177b99 · 2025-04-26T19:17:46.000-07:00
diff --git a/libz-rs-sys/src/gz.rs b/libz-rs-sys/src/gz.rs
@@ -986,7 +986,7 @@ pub unsafe extern "C-unwind" fn gzfread(
     nitems: size_t,
     file: gzFile,
 ) -> size_t {
-    if size == 0 {
+    if size == 0 || buf.is_null() {
         return 0;
     }
 
@@ -1463,6 +1463,58 @@ pub unsafe extern "C-unwind" fn gzwrite(file: gzFile, buf: *const c_void, len: c
     unsafe { gz_write(state, buf, len) }
 }
 
+/// Compress and write `nitems` items of size `size` from `buf` to `file`, duplicating
+/// the interface of C stdio's `fwrite`, with `size_t` request and return types.
+///
+/// # Returns
+///
+/// - The number of full items written of size `size` on success.
+/// - Zero on error.
+///
+/// Note: If the multiplication of `size` and `nitems` overflows, i.e. the product does
+/// not fit in a `size_t`, then nothing is written, zero is returned, and the error state
+/// is set to `Z_STREAM_ERROR`.
+///
+/// # Safety
+///
+/// - `file`, if non-null, must be an open file handle obtained from [`gzopen`] or [`gzdopen`].
+/// - The caller must ensure that `buf` points to at least `size * nitems` readable bytes.
+#[cfg_attr(feature = "export-symbols", export_name = crate::prefix!(gzfwrite))]
+pub unsafe extern "C-unwind" fn gzfwrite(
+    buf: *const c_void,
+    size: size_t,
+    nitems: size_t,
+    file: gzFile,
+) -> size_t {
+    if size == 0 || buf.is_null() {
+        return 0;
+    }
+
+    let Some(state) = (unsafe { file.cast::<GzState>().as_mut() }) else {
+        return 0;
+    };
+
+    // Check that we're writing and that there's no error.
+    if state.mode != GzMode::GZ_WRITE || state.err != Z_OK {
+        return 0;
+    }
+
+    // Compute the number of bytes to write, and make sure it fits in a size_t.
+    let Some(len) = size.checked_mul(nitems) else {
+        const MSG: &str = "request does not fit in a size_t";
+        unsafe { gz_error(state, Some((Z_STREAM_ERROR, MSG))) };
+        return 0;
+    };
+
+    if len == 0 {
+        len
+    } else {
+        // Safety: The caller is responsible for ensuring that `buf` points to at least
+        // `len = size * nitems` readable bytes.
+        (unsafe { gz_write(state, buf, len) }) as size_t / size
+    }
+}
+
 // Internal implementation of `gzwrite`.
 //
 // # Returns
diff --git a/test-libz-rs-sys/src/gz.rs b/test-libz-rs-sys/src/gz.rs
@@ -2,8 +2,8 @@ use zlib_rs::c_api::*;
 
 use libz_rs_sys::{
     gzFile_s, gzbuffer, gzclearerr, gzclose, gzclose_r, gzclose_w, gzdirect, gzdopen, gzerror,
-    gzflush, gzfread, gzgetc, gzgetc_, gzgets, gzoffset, gzopen, gzputc, gzputs, gzread, gztell,
-    gzwrite,
+    gzflush, gzfread, gzfwrite, gzgetc, gzgetc_, gzgets, gzoffset, gzopen, gzputc, gzputs, gzread,
+    gztell, gzwrite,
 };
 
 use libc::size_t;
@@ -1197,6 +1197,9 @@ fn gzfread_basic() {
     assert_eq!(&buf[..20], b"gzip\nexample data\nfo");
     assert_eq!(buf[20], 0);
 
+    // gzfread with a null buffer should return 0.
+    assert_eq!(unsafe { gzfread(ptr::null_mut(), 1, 1, file) }, 0);
+
     // When there is not enough data remaining in the file, gzfread should transfer as many
     // units of size as possible.
     let mut buf = [0u8; 32];
@@ -1222,7 +1225,7 @@ fn gzfread_error() {
     );
 
     // gzfread with a size or nitems of 0 should return 0.
-    let file = unsafe { gzdopen(-2, CString::new("w").unwrap().as_ptr()) };
+    let file = unsafe { gzdopen(-2, CString::new("r").unwrap().as_ptr()) };
     assert!(!file.is_null());
     assert_eq!(
         unsafe { gzfread(buf.as_mut_ptr().cast::<c_void>(), 0, 1, file) },
@@ -1235,12 +1238,12 @@ fn gzfread_error() {
 
     // gzfread should return 0 if size * nitems is too big to fit in a size_t.
     assert_eq!(
-        unsafe { gzfread(buf.as_mut_ptr().cast::<c_void>(), size_t::MAX, 1, file) },
+        unsafe { gzfread(buf.as_mut_ptr().cast::<c_void>(), size_t::MAX, 2, file) },
         0
     );
     assert_eq!(unsafe { gzclose(file) }, Z_ERRNO);
 
-    // gzfread on a read-only file handle should return 0.
+    // gzfread on a write-only file handle should return 0.
     let file = unsafe { gzdopen(-2, CString::new("w").unwrap().as_ptr()) };
     assert_eq!(
         unsafe { gzfread(buf.as_mut_ptr().cast::<c_void>(), 1, 1, file) },
@@ -1250,6 +1253,99 @@ fn gzfread_error() {
     assert_eq!(unsafe { gzclose(file) }, Z_ERRNO);
 }
 
+#[test]
+fn gzfwrite_basic() {
+    // Create a temporary directory that will be automatically removed when
+    // temp_dir goes out of scope.
+    let temp_dir_path = temp_base();
+    let temp_dir = tempfile::TempDir::new_in(temp_dir_path).unwrap();
+    let temp_path = temp_dir.path();
+    let file_name = path(temp_path, "output");
+
+    // Open a file for writing, using direct (uncompressed) mode to make it easier
+    // to verify the output.
+    let file = unsafe {
+        gzopen(
+            CString::new(file_name.as_str()).unwrap().as_ptr(),
+            CString::new("wT").unwrap().as_ptr(),
+        )
+    };
+    assert!(!file.is_null());
+
+    // gzfwrite of a single object should return 1.
+    assert_eq!(
+        unsafe { gzfwrite(b"test".as_ptr().cast::<c_void>(), 4, 1, file) },
+        1
+    );
+    // gzfwrite of n objects should return n.
+    assert_eq!(
+        unsafe { gzfwrite(b" of gzfwrite...".as_ptr().cast::<c_void>(), 4, 3, file) },
+        3
+    );
+
+    // gzfwrite with a null buffer should return 0.
+    assert_eq!(unsafe { gzfread(ptr::null_mut(), 1, 1, file) }, 0);
+
+    // After the gzfwrite calls, the file should close cleanly.
+    assert_eq!(unsafe { gzclose(file) }, Z_OK);
+
+    // Read in the file and verify that the contents match what was passed to gzfwrite.
+    let mut mode = 0;
+    #[cfg(target_os = "windows")]
+    {
+        mode |= libc::O_BINARY;
+    }
+    mode |= libc::O_RDONLY;
+    let fd = unsafe { libc::open(CString::new(file_name.as_str()).unwrap().as_ptr(), mode) };
+    assert_ne!(fd, -1);
+    const EXPECTED: &[u8] = b"test of gzfwrite";
+    let mut buf = [0u8; EXPECTED.len() + 1];
+    let ret = unsafe { libc::read(fd, buf.as_mut_ptr().cast(), buf.len() as _) };
+    assert_eq!(ret, EXPECTED.len() as _);
+    assert_eq!(&buf[..EXPECTED.len()], EXPECTED);
+
+    assert_eq!(unsafe { libc::close(fd) }, 0);
+}
+
+#[test]
+fn gzfwrite_error() {
+    let mut buf = [0u8; 10];
+
+    // gzfwrite on a null file handle should return 0.
+    assert_eq!(
+        unsafe { gzfwrite(buf.as_mut_ptr().cast::<c_void>(), 1, 1, ptr::null_mut()) },
+        0
+    );
+
+    // gzfwrite with a size or nitems of 0 should return 0.
+    let file = unsafe { gzdopen(-2, CString::new("w").unwrap().as_ptr()) };
+    assert!(!file.is_null());
+    assert_eq!(
+        unsafe { gzfwrite(buf.as_mut_ptr().cast::<c_void>(), 0, 1, file) },
+        0
+    );
+    assert_eq!(
+        unsafe { gzfwrite(buf.as_mut_ptr().cast::<c_void>(), 1, 0, file) },
+        0
+    );
+
+    // gzfwrite should return 0 if size * nitems is too big to fit in a size_t.
+    assert_eq!(
+        unsafe { gzfwrite(buf.as_mut_ptr().cast::<c_void>(), size_t::MAX, 2, file) },
+        0
+    );
+    assert_eq!(unsafe { gzclose(file) }, Z_ERRNO);
+
+    // gzfwrite on a read-only file handle should return 0.
+    let file = unsafe { gzdopen(-2, CString::new("r").unwrap().as_ptr()) };
+    assert_eq!(
+        unsafe { gzfwrite(buf.as_mut_ptr().cast::<c_void>(), 1, 1, file) },
+        0
+    );
+    assert!(!file.is_null());
+    assert_eq!(unsafe { gzclose(file) }, Z_ERRNO);
+}
+
 // Get the size in bytes of a file.
 //
 // # Returns
