On Sun, 11 Sept 2022 at 11:47, Jit Loon Lim jit.loon.lim@intel.com wrote:
From: Chin Liang See chin.liang.see@intel.com
An old inffast.c optimization turns out to not be optimal anymore with modern compilers, and furthermore was not compliant with the C standard, for which decrementing a pointer before its allocated memory is undefined. Per the recommendation of a security audit of the zlib code by Trail of Bits and TrustInSoft, in support of the Mozilla Foundation, this "optimization" was removed, in order to avoid the possibility of undefined behavior.
A similar change was merged into an official zlib in 2016: https://github.com/madler/zlib/commit/9aaec95e82117 It makes me wonder can zlib be used as an external project in U-Boot? To be up to date with zlib development.