From a5c20ed67e0f58c05346cee74e31fd63f487c74f Mon Sep 17 00:00:00 2001
From: Hans Kristian Rosbach <hk-git@circlestorm.org>
Date: Wed, 25 Sep 2024 17:21:28 +0200
Subject: [PATCH] Add variable 'wbufsize' to track window buffer including
 padding, to allow the chunkset code to spill garbage data into the padding
 area if available.

---
 infback.c     | 1 +
 inffast_tpl.h | 2 +-
 inflate.c     | 1 +
 inflate.h     | 1 +
 4 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/infback.c b/infback.c
index 6e5dcd03e8..0f5b51f78b 100644
--- a/infback.c
+++ b/infback.c
@@ -55,6 +55,7 @@ int32_t ZNG_CONDEXPORT PREFIX(inflateBackInit)(PREFIX3(stream) *strm, int32_t wi
     strm->state = (struct internal_state *)state;
     state->wbits = (unsigned int)windowBits;
     state->wsize = 1U << windowBits;
+    state->wbufsize = 1U << windowBits;
     state->window = window;
     state->wnext = 0;
     state->whave = 0;
diff --git a/inffast_tpl.h b/inffast_tpl.h
index cd5c79e8cb..1b36acaa35 100644
--- a/inffast_tpl.h
+++ b/inffast_tpl.h
@@ -137,7 +137,7 @@ void Z_INTERNAL INFLATE_FAST(PREFIX3(stream) *strm, uint32_t start) {
     /* Detect if out and window point to the same memory allocation. In this instance it is
        necessary to use safe chunk copy functions to prevent overwriting the window. If the
        window is overwritten then future matches with far distances will fail to copy correctly. */
-    extra_safe = (wsize != 0 && out >= window && out + INFLATE_FAST_MIN_LEFT <= window + wsize);
+    extra_safe = (wsize != 0 && out >= window && out + INFLATE_FAST_MIN_LEFT <= window + state->wbufsize);
 
 #define REFILL() do { \
         hold |= load_64_bits(in, bits); \
diff --git a/inflate.c b/inflate.c
index fdf80c0722..2ce508f8d0 100644
--- a/inflate.c
+++ b/inflate.c
@@ -240,6 +240,7 @@ int32_t ZNG_CONDEXPORT PREFIX(inflateInit2)(PREFIX3(stream) *strm, int32_t windo
     state = alloc_bufs->state;
     state->window = alloc_bufs->window;
     state->alloc_bufs = alloc_bufs;
+    state->wbufsize = INFLATE_ADJUST_WINDOW_SIZE((1 << MAX_WBITS) + 64);
     Tracev((stderr, "inflate: allocated\n"));
 
     strm->state = (struct internal_state *)state;
diff --git a/inflate.h b/inflate.h
index 7fd6c44cf0..66e6129d28 100644
--- a/inflate.h
+++ b/inflate.h
@@ -111,6 +111,7 @@ struct ALIGNED_(64) inflate_state {
         /* sliding window */
     unsigned wbits;             /* log base 2 of requested window size */
     uint32_t wsize;             /* window size or zero if not using window */
+    uint32_t wbufsize;          /* real size of the allocated window buffer, including padding */
     uint32_t whave;             /* valid bytes in the window */
     uint32_t wnext;             /* window write index */
     unsigned char *window;      /* allocated sliding window, if needed */