diff options
| author | jperkin <jperkin@pkgsrc.org> | 2022-05-13 07:34:20 +0000 |
|---|---|---|
| committer | jperkin <jperkin@pkgsrc.org> | 2022-05-13 07:34:20 +0000 |
| commit | 3f49622ef054458f09d11c4fa606d54c98271968 (patch) | |
| tree | 5811b1ddd7f2a2bf73ff16486e15440f6a5e906a | |
| parent | 0c971c3798d290101a12e18c359a08ed2ab04f54 (diff) | |
| download | pkgsrc-3f49622ef054458f09d11c4fa606d54c98271968.tar.gz | |
zlib: Apply upstream patch to workaround CRC issue.
Should fix abuse by openjdk and others. Bump PKGREVISION.
Upstream commit:
From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001
From: Mark Adler <madler@alumni.caltech.edu>
Date: Wed, 30 Mar 2022 11:14:53 -0700
Subject: [PATCH] Correct incorrect inputs provided to the CRC functions.
The previous releases of zlib were not sensitive to incorrect CRC
inputs with bits set above the low 32. This commit restores that
behavior, so that applications with such bugs will continue to
operate as before.
| -rw-r--r-- | devel/zlib/Makefile | 3 | ||||
| -rw-r--r-- | devel/zlib/files/crc32.c | 10 |
2 files changed, 7 insertions, 6 deletions
diff --git a/devel/zlib/Makefile b/devel/zlib/Makefile index 866c3e64371..cc99bf88ad3 100644 --- a/devel/zlib/Makefile +++ b/devel/zlib/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.58 2022/03/29 22:09:41 wiz Exp $ +# $NetBSD: Makefile,v 1.59 2022/05/13 07:34:20 jperkin Exp $ DISTNAME= zlib-1.2.12 +PKGREVISION= 1 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libpng/} MASTER_SITES+= http://zlib.net/ diff --git a/devel/zlib/files/crc32.c b/devel/zlib/files/crc32.c index a09d4b9316f..5c252289b9b 100644 --- a/devel/zlib/files/crc32.c +++ b/devel/zlib/files/crc32.c @@ -7,7 +7,7 @@ * Kadatch and Jenkins (2010). See doc/crc-doc.1.0.pdf in this distribution. */ -/* @(#) $Id: crc32.c,v 1.5 2022/03/29 22:09:41 wiz Exp $ */ +/* @(#) $Id: crc32.c,v 1.6 2022/05/13 07:34:20 jperkin Exp $ */ /* Note on the use of DYNAMIC_CRC_TABLE: there is no mutex or semaphore @@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) #endif /* DYNAMIC_CRC_TABLE */ /* Pre-condition the CRC */ - crc ^= 0xffffffff; + crc = (~crc) & 0xffffffff; /* Compute the CRC up to a word boundary. */ while (len && ((z_size_t)buf & 7) != 0) { @@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) #endif /* DYNAMIC_CRC_TABLE */ /* Pre-condition the CRC */ - crc ^= 0xffffffff; + crc = (~crc) & 0xffffffff; #ifdef W @@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2) #ifdef DYNAMIC_CRC_TABLE once(&made, make_crc_table); #endif /* DYNAMIC_CRC_TABLE */ - return multmodp(x2nmodp(len2, 3), crc1) ^ crc2; + return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff); } /* ========================================================================= */ @@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op) uLong crc2; uLong op; { - return multmodp(op, crc1) ^ crc2; + return multmodp(op, crc1) ^ (crc2 & 0xffffffff); } |