The safety contract of deflateParams requires that the provided z_stream is valid and has been properly initialized (e.g., via deflateInit2_). However, it does not explicitly state that the internal state pointed to by z_stream.state should remain unmodified after initialization. This omission allows external mutation of the state to violate internal invariants.
This can be demonstrated with the following example, which leads to a panic in deflateParams:
```rust
use libz_rs_sys::*;

fn main() {
    unsafe {
        let mut strm: z_stream = std::mem::zeroed();
        deflateInit2_(
            &mut strm,
            6, 8, 15, 8, 0,
            zlibVersion(),
            std::mem::size_of::<z_stream>() as i32,
        );
        // corrupt internal state
        let p = strm.state as *mut u8;
        p.add(4).write(100);
        // panic
        let _ = deflateParams(&mut strm, 1, 0);
    }
}
```