diff options
| author | Thiago Macieira <thiago.macieira@intel.com> | 2022-09-02 13:13:45 -0300 |
|---|---|---|
| committer | Thiago Macieira <thiago.macieira@intel.com> | 2022-09-06 09:34:43 -0300 |
| commit | d6fae59faa49cedf44960f54b43cb80c6a751a15 (patch) | |
| tree | d5394f881fc99195880d33450fdab5f5f5f75e11 /src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch | |
| parent | 83e70c315742c5de964a1fc5f973ad087f5894e2 (diff) | |
3rdparty: apply a fix to the last zlib fix
Source:
https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
Pick-to: 5.15 6.2 6.3 6.4
Change-Id: Ic6547f8247454b47baa8fffd17111732eb074b0a
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
Diffstat (limited to 'src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch')
| -rw-r--r-- | src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch b/src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch deleted file mode 100644 index 808f88f142..0000000000 --- a/src/3rdparty/zlib/0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch +++ /dev/null @@ -1,35 +0,0 @@ -From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001 -From: Mark Adler <fork@madler.net> -Date: Sat, 30 Jul 2022 15:51:11 -0700 -Subject: [PATCH] Fix a bug when getting a gzip header extra field with - inflate(). - -If the extra field was larger than the space the user provided with -inflateGetHeader(), and if multiple calls of inflate() delivered -the extra header data, then there could be a buffer overflow of the -provided space. This commit assures that provided space is not -exceeded. ---- - inflate.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/inflate.c b/inflate.c -index 7be8c63..7a72897 100644 ---- a/inflate.c -+++ b/inflate.c -@@ -763,9 +763,10 @@ int flush; - copy = state->length; - if (copy > have) copy = have; - if (copy) { -+ len = state->head->extra_len - state->length; - if (state->head != Z_NULL && -- state->head->extra != Z_NULL) { -- len = state->head->extra_len - state->length; -+ state->head->extra != Z_NULL && -+ len < state->head->extra_max) { - zmemcpy(state->head->extra + len, next, - len + copy > state->head->extra_max ? - state->head->extra_max - len : copy); --- -2.37.1 - |