Created attachment 206322 [details]
The implementation of z_alloc() in g_uzip_zlib.c uses malloc() to allocate resources without any check for the size.
This may lead to integer overflow.
It is better to use mallocarray() here to prevent such risk.
z_alloc is used exclusively for zlib zstream's zalloc() pointer. zlib does not make u_int overflowing allocation calls. zlib inflate allocates about 44 kB per stream, max: https://www.zlib.net/zlib_tech.html .
I think both of comments have a point.
Nevertheless, when delphij and I updated ZLIB, we switched to use mallocarray() and also dropped this private implementation.
References: https://reviews.freebsd.org/D21156 and https://reviews.freebsd.org/D20271