Re: Zlib memory corruption on deflate (i.e. compress)

This page summarizes the projects mentioned and recommended in the original post on

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
  • ZLib

    A massively spiffy yet delicately unobtrusive compression library.

    This seems to be a minor bug, in that it is only triggered using unusual (and rather unlikely) deflate parameters.

    But, looking into this bug, I was sort-of interested to see how it was handled. The change log for 1.2.12 (2022-03-27) indicates the issue was resolved ("Fix a bug that can crash deflate on some input when using Z_FIXED"). Yet, in what seems to be the canonical Zlib repository (, I was unable to find a corresponding commit.

    None of commits this year (7, so not too hard to review) seem to be particularity meaningful changes, and in particular yesterday's 'zlib 1.2.12' commit seems to only consist of version/copyright updates.

    So, does anyone have any idea where to find the commits related to the change log entry? (Note that I'm not disputing the issue is actually fixed, I'm just trying to improve my Github reading skills...)

  • zlib-ng

    zlib replacement with optimizations for "next generation" systems.

    There are already active zlib forks (e.g., the problem is with having people move to them. It takes a lot of effort to move mindshare from the original version to a fork, there's some historical examples of it happening, but not a ton.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • fpc

    I wonder if FreePascal is affected

    Looks like they ported zlib to Pascal in 1998 and left it pretty much unchanged:

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts