rpm/gzip
SHA256
1
0
Fork 0
forked from pool/gzip
Code Pull Requests Activity
c9e787482b
gzip/gzip-CVE-2010-0001.diff
OBS User autobuild c7c6ba1ff6 Accepting request 30400 from Base:System 
Copy from Base:System/gzip based on submit request 30400 from user mseben

OBS-URL: https://build.opensuse.org/request/show/30400
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gzip?expand=0&rev=13
2010-01-29 14:00:15 +00:00

17 lines
493 B
Diff
Raw Blame History

* unlzw.c (unlzw): Avoid integer overflow.
Aki Helin reported the segfault along with an input to trigger the bug.
Index: gzip-1.3.13/unlzw.c
===================================================================
--- gzip-1.3.13.orig/unlzw.c
+++ gzip-1.3.13/unlzw.c
@@ -244,7 +244,8 @@ int unlzw(in, out)
int o;
resetbuf:
- e = insize-(o = (posbits>>3));
+ o = posbits >> 3;
+ e = o <= insize ? insize - o : 0;
for (i = 0 ; i < e ; ++i) {
inbuf[i] = inbuf[i+o];
View Git Blame Copy Permalink