build / midipix_build

Clone
Source Code
GIT

Blame patches/libz/CVE-2022-37434.patch

main pr3
  1.   main
  2.   patches
  3.   libz
  4.   CVE-2022-37434.patch
Blob History Raw
34f96f 
diff -ru libz-1.2.8.2015.12.26.orig/inflate.c libz-1.2.8.2015.12.26/inflate.c
34f96f 
--- libz-1.2.8.2015.12.26.orig/inflate.c	2015-12-21 23:37:02.000000000 +0100
34f96f 
+++ libz-1.2.8.2015.12.26/inflate.c	2022-10-27 11:32:39.403516533 +0200
34f96f 
@@ -595,8 +595,9 @@
34f96f 
                 if (copy > have) copy = have;
34f96f 
                 if (copy) {
34f96f 
                     if (state->head != NULL &&
34f96f 
-                        state->head->extra != NULL) {
34f96f 
-                        len = state->head->extra_len - state->length;
34f96f 
+                        state->head->extra != NULL &&
34f96f 
+                        (len = state->head->extra_max - state->length) <
34f96f 
+                            state->head->extra_max) {
34f96f 
                         memcpy(state->head->extra + len, next,
34f96f 
                                len + copy > state->head->extra_max ?
34f96f 
                                state->head->extra_max - len : copy);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation | About

© Red Hat, Inc. and others.