isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update embedded copy of zlib to version 1.2.13. Fixes CVE-2022-37434.

Browse Source
This commit is contained in:
Todd C. Miller
2022-10-13 17:04:24 -06:00
parent 0be0757d64
commit 51a1a7d63f
17 changed files with 260 additions and 226 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/zlib/inflate.c
View File

@@ -168,6 +168,8 @@ int windowBits;
/* extract wrap request from windowBits parameter */
if (windowBits < 0) {
if (windowBits < -15)
return Z_STREAM_ERROR;
wrap = 0;
windowBits = -windowBits;
}
@@ -764,8 +766,9 @@ int flush;
if (copy > have) copy = have;
if (copy) {
if (state->head != Z_NULL &&
state->head->extra != Z_NULL) {
len = state->head->extra_len - state->length;
state->head->extra != Z_NULL &&
(len = state->head->extra_len - state->length) <
state->head->extra_max) {
zmemcpy(state->head->extra + len, next,
len + copy > state->head->extra_max ?
state->head->extra_max - len : copy);