From 5c47755331cb7354133b82f357ed767578c95649 Mon Sep 17 00:00:00 2001
From: gaoshutao <1779227906@qq.com>
Date: Mon, 25 Aug 2025 15:38:00 +0800
Subject: Check for invalid NULL pointer inputs to zlib operations.

---
 compress.c | 4 ++++
 gzlib.c    | 2 +-
 uncompr.c  | 4 ++++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/compress.c b/compress.c
index 0c809880..410d6e50 100644
--- a/compress.c
+++ b/compress.c
@@ -28,6 +28,10 @@ int ZEXPORT compress2_z(Bytef *dest, z_size_t *destLen, const Bytef *source,
     const uInt max = (uInt)-1;
     z_size_t left;
 
+    if ((sourceLen > 0 && source == NULL) ||
+        destLen == NULL || (*destLen > 0 && dest == NULL))
+        return Z_STREAM_ERROR;
+
     left = *destLen;
     *destLen = 0;
 
diff --git a/gzlib.c b/gzlib.c
index 65a0b497..934688c5 100644
--- a/gzlib.c
+++ b/gzlib.c
@@ -93,7 +93,7 @@ local gzFile gz_open(const void *path, int fd, const char *mode) {
 #endif
 
     /* check input */
-    if (path == NULL)
+    if (path == NULL || mode == NULL)
         return NULL;
 
     /* allocate gzFile structure to return */
diff --git a/uncompr.c b/uncompr.c
index 8f7438ee..14ef96ce 100644
--- a/uncompr.c
+++ b/uncompr.c
@@ -33,6 +33,10 @@ int ZEXPORT uncompress2_z(Bytef *dest, z_size_t *destLen, const Bytef *source,
     const uInt max = (uInt)-1;
     z_size_t len, left;
 
+    if (sourceLen == NULL || (*sourceLen > 0 && source == NULL) ||
+        destLen == NULL || (*destLen > 0 && dest == NULL))
+        return Z_STREAM_ERROR;
+
     len = *sourceLen;
     left = *destLen;
     if (left == 0 && dest == Z_NULL)
-- 
cgit v1.2.3-55-g6feb