[go: nahoru, domu]
Skip to content

Commit

Permalink
Assure that the number of bits for deflatePrime() is valid.
Browse files Browse the repository at this point in the history
  • Loading branch information
@madler
madler committed Apr 20, 2018
1 parent 5c44459 commit 4346a16
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion deflate.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -589,7 +589,8 @@ int ZEXPORT deflatePrime (strm, bits, value)

if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
s = strm->state;
if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
if (bits < 0 || bits > 16 ||
s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
return Z_BUF_ERROR;
do {
put = Buf_size - s->bi_valid;
Expand Down

1 comment on commit 4346a16

@vielmetti
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Several of the distributions that have patched CVE-2018-25032 have also picked up this patch, per discussion at #605 .

Please sign in to comment.