diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2022-08-29 20:49:20 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2022-08-29 20:49:20 +0300 |
commit | 039cbaca07a03305d85e915f4047ce04ca801482 (patch) | |
tree | 29ed524558cecb08da0fa5afc9cb4f7653f077cc /libz/libz/CVE-2022-37434-1eb7682.patch | |
parent | 9fe3f828463e7902cfe85111ce7ed22ab6a9b24f (diff) |
Release version 1.2.1200+2v1.2.1200+2
Apply patches which fix CVE-2022-37434
Rewrite testscript not to use files
Update TODO file
Update libz/README-DEV file
Diffstat (limited to 'libz/libz/CVE-2022-37434-1eb7682.patch')
-rw-r--r-- | libz/libz/CVE-2022-37434-1eb7682.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/libz/libz/CVE-2022-37434-1eb7682.patch b/libz/libz/CVE-2022-37434-1eb7682.patch new file mode 100644 index 0000000..b371036 --- /dev/null +++ b/libz/libz/CVE-2022-37434-1eb7682.patch @@ -0,0 +1,20 @@ +1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d +:100644 100644 7a728974923a43306eff24fc5d84191cd7b92cf2 2a3c4fe9846406c15a4bbd02e7fe6907589e1670 M inflate.c + +diff --git a/inflate.c b/inflate.c +index 7a72897..2a3c4fe 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -763,10 +763,10 @@ int flush; + copy = state->length; + if (copy > have) copy = have; + if (copy) { +- len = state->head->extra_len - state->length; + if (state->head != Z_NULL && + state->head->extra != Z_NULL && +- len < state->head->extra_max) { ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); |