zlib/backport-0002-CVE-2018-25032.patch

From 4346a16853e19b45787ce933666026903fb8f3f8 Mon Sep 17 00:00:00 2001
From: Mark Adler <madler@alumni.caltech.edu>
Date: Tue, 17 Apr 2018 22:44:41 -0700
Subject: [PATCH] Assure that the number of bits for deflatePrime() is valid.

---
 deflate.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/deflate.c b/deflate.c
index 3db6d75..a4b0977 100644
--- a/deflate.c
+++ b/deflate.c
@@ -604,7 +604,8 @@ int ZEXPORT deflatePrime (strm, bits, value)
 
     if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
     s = strm->state;
-    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
+    if (bits < 0 || bits > 16 ||
+        s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
         return Z_BUF_ERROR;
     do {
         put = Buf_size - s->bi_valid;
-- 
2.27.0
modify patch info for CVE-2018-25032 2022-04-18 15:38:54 +08:00			`From 4346a16853e19b45787ce933666026903fb8f3f8 Mon Sep 17 00:00:00 2001`
			`From: Mark Adler <madler@alumni.caltech.edu>`
			`Date: Tue, 17 Apr 2018 22:44:41 -0700`
			`Subject: [PATCH] Assure that the number of bits for deflatePrime() is valid.`
fix CVE-2018-25032 2022-04-13 17:19:20 +08:00
			`---`
			`deflate.c \| 3 ++-`
			`1 file changed, 2 insertions(+), 1 deletion(-)`

			`diff --git a/deflate.c b/deflate.c`
			`index 3db6d75..a4b0977 100644`
			`--- a/deflate.c`
			`+++ b/deflate.c`
			`@@ -604,7 +604,8 @@ int ZEXPORT deflatePrime (strm, bits, value)`

			`if (deflateStateCheck(strm)) return Z_STREAM_ERROR;`
			`s = strm->state;`
			`- if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))`
			`+ if (bits < 0 \|\| bits > 16 \|\|`
			`+ s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))`
			`return Z_BUF_ERROR;`
			`do {`
			`put = Buf_size - s->bi_valid;`
			`--`
			`2.27.0`