archivers/gzip/patches/patch-ag


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

$NetBSD: patch-ag,v 1.1 2010/02/02 14:42:43 taca Exp $

Fix for CVE-2009-2624.

--- inflate.c.orig	2006-12-20 23:30:17.000000000 +0000
+++ inflate.c
@@ -335,13 +335,15 @@ int *m;                 /* maximum looku
   } while (--i);
   if (c[0] == n)                /* null input--all zero length codes */
   {
-    q = (struct huft *) malloc (2 * sizeof *q);
+    q = (struct huft *) malloc (3 * sizeof *q);
     if (!q)
       return 3;
-    hufts += 2;
+    hufts += 3;
     q[0].v.t = (struct huft *) NULL;
     q[1].e = 99;    /* invalid code marker */
     q[1].b = 1;
+    q[2].e = 99;    /* invalid code marker */
+    q[2].b = 1;
     *t = q + 1;
     *m = 1;
     return 0;