A check of zlib with PVS-Studio Static Code Analyzer

[j-mattsson]

I've analyzed zlib-1.2.11 with PVS-Studio (https://www.viva64.com), a static code analyzer. I've singled out a few code fragments that the analyzer warned about that I think could be real bugs:

1. contrib/minizip/minizip.c:395: "(argv[i][1]>='0') || (argv[i][1]<='9')" is always true. Maybe "||" should be replaced with "&&"? (Or replace test with isdigit())

2. adler32.c: On line 77 "buf" is dereferenced, however, "buf" is checked for NULL only later (on line 87). If it is possible(?) for "len" to be 1 and "buf" is NULL then we would have a potential NULL dereference on line 77.

3. deflate.c:603: CLEAR_HASH() (defined on line 192) is an unprotected multi-statement macro, it should probably(?) be protected inside "do{...} while(0)". As it is now, because the "else" on line 602 lacks braces the last statement of the macro is always executed.

4. There are some format specifiers that does not match their argument, example: 4.1 contrib/testzlib/testzlib.c:172: "%u" should probably be changed into "%ld" to match signed long-type of "lFileSize". 4.2 contrib/minizip/minizip.c:235: "%lld" should probably be changed into "%llu" to match unsignedness of "pos".

[tbeu]

deflate.c:603: is a duplicate of #207, #208, #261, #288, #327 and already resolved in the develop branch by 38e8ce3.

[Neustradamus]

Please note that there is https://github.com/nmoinvaz/minizip.

[madler]

#2 is intentional. Note comment: /* initial Adler-32 value (deferred check for len == 1 speed) */. #3 has been fixed.

[gvollant]

I agree with 1. and 4.2 remark

[madler]

All fixed.