source: trunk/server/common/patches/gzip-cve-2009-2624.patch @ 1433

Last change on this file since 1433 was 1433, checked in by mitchb, 14 years ago
Scriptsify gzip to patch for CVE-2009-2624 and CVE-2010-0001
File size: 596 bytes
RevLine 
[1433]1--- inflate.c.orig      2010-01-21 05:31:35.000000000 -0500
2+++ inflate.c   2010-01-21 05:31:43.000000000 -0500
3@@ -335,13 +335,15 @@
4   } while (--i);
5   if (c[0] == n)                /* null input--all zero length codes */
6   {
7-    q = (struct huft *) malloc (2 * sizeof *q);
8+    q = (struct huft *) malloc (3 * sizeof *q);
9     if (!q)
10       return 3;
11-    hufts += 2;
12+    hufts += 3;
13     q[0].v.t = (struct huft *) NULL;
14     q[1].e = 99;    /* invalid code marker */
15     q[1].b = 1;
16+    q[2].e = 99;    /* invalid code marker */
17+    q[2].b = 1;
18     *t = q + 1;
19     *m = 1;
20     return 0;
Note: See TracBrowser for help on using the repository browser.