BungeeCord, the 6th in a generation of server portal suites. Efficiently proxies and maintains connections and transport between multiple Minecraft servers.
This pull request disables GZIP in the native-compress library, allowing native-compress to be used safely on CPUs that don't support PCLMUL (like the BungeeCord Jenkins).
I have verified with a disassembler that the GZIP functions are not included (they are relatively small) however the CRC32 function is still being compiled and it doesn't look like it can be removed without forking ZLIB. I checked for XREFs though and its only accessible as a pointer located in the debug information embedded in the SO file so there is no way for an attacker to get the proxy to SIGILL on a server that doesn't support PCLMUL through decompressing data that somehow invokes the CRC32 function.
As usual I have compiled on a glibc-based system and then copied the executable to an Alpine Linux VM and ran the unit tests to make sure there are no incompatibilities between C libraries.
This pull request disables GZIP in the native-compress library, allowing native-compress to be used safely on CPUs that don't support PCLMUL (like the BungeeCord Jenkins).
I have verified with a disassembler that the GZIP functions are not included (they are relatively small) however the CRC32 function is still being compiled and it doesn't look like it can be removed without forking ZLIB. I checked for XREFs though and its only accessible as a pointer located in the debug information embedded in the SO file so there is no way for an attacker to get the proxy to SIGILL on a server that doesn't support PCLMUL through decompressing data that somehow invokes the CRC32 function.
As usual I have compiled on a glibc-based system and then copied the executable to an Alpine Linux VM and ran the unit tests to make sure there are no incompatibilities between C libraries.