]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3d3693d) | patch
zlib: Fix a bug when getting a gzip header extra field with inflate().
authorMark Adler <fork@madler.net>
Sat, 30 Jul 2022 22:51:11 +0000 (15:51 -0700)
committerEd Maste <emaste@FreeBSD.org>
Tue, 30 Aug 2022 22:59:16 +0000 (18:59 -0400)
commit938108cf04f0e222455c97f7ef038cbb0411a1e7
treedeae4a00f4906e7c44377a87c0f30ff1bbde88f2tree | snapshot
parent3d3693dae230a7e7bd58249abdd53297e81f3acbcommit | diff
zlib: Fix a bug when getting a gzip header extra field with inflate().

If the extra field was larger than the space the user provided with
inflateGetHeader(), and if multiple calls of inflate() delivered
the extra header data, then there could be a buffer overflow of the
provided space. This commit assures that provided space is not
exceeded.

(cherry picked from zlib commit eff308af425b67093bab25f80f1ae950166bece1)
(cherry picked from zlib commit 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d)

(cherry picked from commit dc3509f1aafcd966f3dd9226115cf94b691ff3c7)
(cherry picked from commit 2969066f73fc67a614144ac09b9f3f5291937fed)
(cherry picked from commit 72bc320879944fecae59e903381c33ab4d5e443b)
(cherry picked from commit bd8faba77f6f8eb344ab4f5b44536dab87b2b05c)

Approved by: so
Security: CVE-2022-37434
sys/contrib/zlib/inflate.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.