Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:kernel-2.6.32
gzip
gzip-CVE-2009-2624.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gzip-CVE-2009-2624.diff of Package gzip
From ebdc941a5d771a70b2f3ecde4cb94e50efd95c5d Mon Sep 17 00:00:00 2001 From: Thiemo Nagel <thiemo.nagel@ph.tum.de> Date: Sat, 29 Nov 2008 16:06:59 +0100 Subject: [PATCH] Avoid creating an undersized buffer for the hufts table. A specific malformed input file (cf. attachment) either leads to gzip crashing with segmentation violation or hanging in an endless loop. Attached patch fixes the problem. --- inflate.c | 6 ++++-- 1 files changed, 6 insertions(+), 3 deletions(-) diff --git a/inflate.c b/inflate.c index 9f3a661..2f4954b 100644 --- a/inflate.c +++ b/inflate.c @@ -335,13 +335,15 @@ int *m; /* maximum lookup bits, returns actual */ } while (--i); if (c[0] == n) /* null input--all zero length codes */ { - q = (struct huft *) malloc (2 * sizeof *q); + q = (struct huft *) malloc (3 * sizeof *q); if (!q) return 3; - hufts += 2; + hufts += 3; q[0].v.t = (struct huft *) NULL; q[1].e = 99; /* invalid code marker */ q[1].b = 1; + q[2].e = 99; /* invalid code marker */ + q[2].b = 1; *t = q + 1; *m = 1; return 0; -- 1.5.6.5
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor