This release brings significant security hardening, performance optimizations, and a major structural refactor of the public API.
Special Thanks
A huge shoutout to @tzcnt for their first public contribution! They spearheaded the restructuring of the public headers to provide a cleaner "sans-IO" API (#9). This makes integrating zxc into projects that manage their own I/O significantly easier. Thank you for your contribution!
Security Hardening
This release includes comprehensive security improvements ensuring robustness against malformed or malicious inputs:
- Decompression Bounds Checking: Implemented strict bounds checking in the decompression fast paths to prevent input buffer over-reads and invalid offset access.
- VByte Hardening: Hardened variable-byte integer reading logic to prevent buffer overruns and potential infinite loops with malformed data.
- Memory Safety: Fixed a MemorySanitizer (MSan) warning by explicitly zero-initializing memory blocks in the stream engine, ensuring no uninitialized values leak into the output.
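The kind of check the VByte Hardening item describes, as an added example (not zxc's own code). It assumes an LEB128-style layout (7 payload bits per byte, low group first, high bit set when more bytes follow), which these notes do not specify; `vbyte_read_u32`, `vbyte_count` and the `VB_*` names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helpers, not part of the zxc API. Assumed encoding:
 * 7 payload bits per byte, low group first, bit 7 = "more bytes follow". */
enum { VB_OK = 0, VB_TRUNCATED = -1, VB_OVERLONG = -2 };
#define VB_MAX_BYTES 5u /* ceil(32 / 7): the most bytes a uint32_t can need */

/* Reads one value from [*pp, end). *pp and *out change only on success. */
static int vbyte_read_u32(const uint8_t **pp, const uint8_t *end, uint32_t *out)
{
    const uint8_t *p = *pp;
    uint32_t value = 0;

    for (unsigned i = 0; i < VB_MAX_BYTES; i++) {
        if (p >= end)
            return VB_TRUNCATED;   /* input ended mid-value: no over-read */
        uint8_t b = *p++;
        /* Last allowed byte: only 4 payload bits still fit in 32 bits, and
         * a continuation bit here would mean an unbounded encoding. */
        if (i == VB_MAX_BYTES - 1 && (b & 0xF0))
            return VB_OVERLONG;
        value |= (uint32_t)(b & 0x7F) << (7 * i);
        if (!(b & 0x80)) {         /* terminator byte: value is complete */
            *pp = p;
            *out = value;
            return VB_OK;
        }
    }
    return VB_OVERLONG;            /* not reached; the loop always returns */
}

/* Decodes every value in buf; returns the count or a negative VB_* code.
 * Terminates on any input: each pass either consumes at least one byte
 * or returns an error, so malformed data cannot spin the loop. */
static int vbyte_count(const uint8_t *buf, size_t len)
{
    const uint8_t *p = buf, *end = buf + len;
    uint32_t v;
    int n = 0;

    while (p < end) {
        int rc = vbyte_read_u32(&p, end, &v);
        if (rc != VB_OK)
            return rc;
        n++;
    }
    return n;
}
```

Because the cursor is committed only on success, a caller can treat any negative return as a corrupt block and stop without having consumed a partial value.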
Performance Improvements
- Reduced Thread Contention: Optimized the stream engine to reduce lock contention, improving scalability on high-core-count systems.
- Short-Circuit Optimization: Optimized decompression safety checks to short-circuit expensive offset validation for valid large blocks (>64KB), recovering performance while maintaining safety.
- Memory Usage: Reduced memory footprint of the chain table.
- Buffer Management: Refactored buffer allocation strategies for better I/O performance.
API & Refactoring
- Sans-IO API: Public headers have been restructured to separate core compression logic from file I/O utilities.
- Bug Fixes: Various fixes for edge cases in raw block handling and fuzzing tests.
Full Changelog
- Restructure public headers to provide a "sans-IO" API (#9) (tzcnt)
- Initializes memory block after allocation (Fix MSan uninitialized bytes)
- Adds comprehensive checks to prevent buffer overflows in decompression
- Optimize hot path logic for decompression
- Raises capacity checks to avoid buffer overflows
- Fixes fuzzer names and updates fuzzing schedule
- Reduces memory usage of chain table
- Reduces thread contention in stream engine
- Updates atomic type definitions and I/O error handling
- Format code and cleanup unused docs
Full Changelog: v0.1.2...v0.2.0