rpm/zlib
SHA256
1
0
Fork 0
forked from pool/zlib
Code Pull Requests Activity
f6c5a01beb
zlib/zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
Danilo Spinella 2a16479848 Accepting request 1000394 from home:dspinella:branches:devel:libraries:c_c++ 
- Update to 1.2.12:
  * A lot of bug fixes
  * Improve speed of crc32 functions
  * Use ARM crc32 instructions if the ARM architecture has them
  For the complete changes, see ChangeLog
- Fixes CVE-2022-37434,  heap-based buffer over-read or buffer overflow in
  inflate.c via a large gzip header extra field
  (CVE-2022-37434, bsc#1202175)
- Added patches:
  * zlib-1.2.11-covscan-issues-rhel9.patch
  * zlib-1.2.11-covscan-issues.patch
  * zlib-1.2.12-s390-vectorize-crc32.patch
  * zlib-1.2.12-optimized-crc32-power8.patch
  * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
  * zlib-1.2.12-fix-configure.patch
  * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
  * zlib-1.2.12-fix-CVE-2022-37434.patch
- Removed patches:
  * bsc1197459.patch (upstreamed)
  * zlib-power8-fate325307.patch
    (replaced by zlib-1.2.12-optimized-crc32-power8.patch)
  * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
    (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
  * 410.patch
    (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
- Refreshed patches:
  * zlib-format.patch
  * zlib-no-version-check.patch
- Disable profiling since it breaks tests
- Update zlib-rpmlintrc

OBS-URL: https://build.opensuse.org/request/show/1000394
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=79
2022-08-31 07:52:46 +00:00

52 lines
1.6 KiB
Diff
Raw Blame History

From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001
From: Mark Adler <madler@alumni.caltech.edu>
Date: Wed, 30 Mar 2022 11:14:53 -0700
Subject: [PATCH] Correct incorrect inputs provided to the CRC functions.
The previous releases of zlib were not sensitive to incorrect CRC
inputs with bits set above the low 32. This commit restores that
behavior, so that applications with such bugs will continue to
operate as before.
---
crc32.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/crc32.c b/crc32.c
index a1bdce5c2..451887bc7 100644
--- a/crc32.c
+++ b/crc32.c
@@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
#endif /* DYNAMIC_CRC_TABLE */
/* Pre-condition the CRC */
- crc ^= 0xffffffff;
+ crc = (~crc) & 0xffffffff;
/* Compute the CRC up to a word boundary. */
while (len && ((z_size_t)buf & 7) != 0) {
@@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
#endif /* DYNAMIC_CRC_TABLE */
/* Pre-condition the CRC */
- crc ^= 0xffffffff;
+ crc = (~crc) & 0xffffffff;
#ifdef W
@@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2)
#ifdef DYNAMIC_CRC_TABLE
once(&made, make_crc_table);
#endif /* DYNAMIC_CRC_TABLE */
- return multmodp(x2nmodp(len2, 3), crc1) ^ crc2;
+ return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff);
}
/* ========================================================================= */
@@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op)
uLong crc2;
uLong op;
{
- return multmodp(op, crc1) ^ crc2;
+ return multmodp(op, crc1) ^ (crc2 & 0xffffffff);
}
View Git Blame Copy Permalink