Projects
Factory:RISC-V:Base
gzip
_service:tar_scm:backport-gzip-detect-invalid-i...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-gzip-detect-invalid-input.patch of Package gzip
From 63814d71ed81baec6f8b55513b561e045b160fa2 Mon Sep 17 00:00:00 2001 From: Paul Eggert <eggert@trombone> Date: Tue, 28 Jun 2022 22:30:08 -0500 Subject: [PATCH 1/2] gzip: detect invalid input Conflict: Context adapt: Tracevv((stderr,"\\[%d,%d]", w-d, n)); Reference: https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=4b58eee79d3af3647adb4c78938d83970e788975 Problem reported by Young Mo Kang and fix from Mark Adler (Bug#56247). * inflate.c: Include stdbool.h. (fresh): New static var. * inflate.c (flush_output): Clear it. (inflate): Set it. (inflate_codes): Fail if the offset is outside a fresh input window. --- inflate.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/inflate.c b/inflate.c index f54eb65..d5b8c44 100644 --- a/inflate.c +++ b/inflate.c @@ -117,6 +117,7 @@ #include <config.h> +#include <stdbool.h> #include <stdlib.h> #include "tailor.h" @@ -153,8 +154,9 @@ static int huft_free (struct huft *); "uch *slide;" and then malloc'ed in the latter case. The definition must be in unzip.h, included above. */ /* unsigned wp; current position in slide */ +static bool fresh; #define wp outcnt -#define flush_output(w) (wp=(w),flush_window()) +#define flush_output(w) (fresh = false, wp = (w), flush_window ()) /* Tables for deflate from PKZIP's appnote.txt. */ static unsigned border[] = { /* Order of the bit length code lengths */ @@ -572,6 +574,8 @@ inflate_codes(struct huft *tl, struct huft *td, int bl, int bd) NEEDBITS(e) d = w - t->v.n - ((unsigned)b & mask_bits[e]); DUMPBITS(e) + if (fresh && w <= d) + return 1; Tracevv((stderr,"\\[%d,%d]", w-d, n)); /* do the copy */ @@ -954,6 +958,7 @@ inflate(void) wp = 0; bk = 0; bb = 0; + fresh = true; /* decompress until the last block */ -- 2.27.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2