summaryrefslogtreecommitdiff
path: root/archivers/gzip/patches/patch-ah
blob: 4673d11e76517d6d5a174e8656563a24756dd85d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
$NetBSD: patch-ah,v 1.1 2010/02/02 14:42:43 taca Exp $

Fix for CVE-2010-0001.

--- unlzw.c.orig	2006-12-11 18:54:39.000000000 +0000
+++ unlzw.c
@@ -248,7 +248,8 @@ int unlzw(in, out)
 	int  o;
 
     resetbuf:
-	e = insize-(o = (posbits>>3));
+	o = posbits >> 3;
+	e = o <= insize ? insize - o : 0;
 
 	for (i = 0 ; i < e ; ++i) {
 	    inbuf[i] = inbuf[i+o];