head 1.1; access; symbols OPENPKG_E1_MP_HEAD:1.1 OPENPKG_E1_MP:1.1 OPENPKG_E1_MP_2_STABLE:1.1 OPENPKG_E1_FP:1.1 OPENPKG_2_STABLE_20061018:1.1 OPENPKG_2_STABLE:1.1.0.22 OPENPKG_2_STABLE_BP:1.1 OPENPKG_2_5_SOLID:1.1.0.20 OPENPKG_2_5_SOLID_BP:1.1 OPENPKG_2_4_RELEASE:1.1 OPENPKG_2_4_SOLID:1.1.0.18 OPENPKG_2_4_SOLID_BP:1.1 OPENPKG_2_3_RELEASE:1.1 OPENPKG_2_3_SOLID:1.1.0.16 OPENPKG_2_3_SOLID_BP:1.1 OPENPKG_2_2_RELEASE:1.1 OPENPKG_2_2_SOLID:1.1.0.14 OPENPKG_2_2_SOLID_BP:1.1 OPENPKG_2_1_RELEASE:1.1 OPENPKG_2_1_SOLID:1.1.0.12 OPENPKG_2_1_SOLID_BP:1.1 OPENPKG_2_0_RELEASE:1.1 OPENPKG_2_0_SOLID:1.1.0.10 OPENPKG_2_0_SOLID_BP:1.1 OPENPKG_1_3_RELEASE:1.1 OPENPKG_1_3_SOLID:1.1.0.8 OPENPKG_1_3_SOLID_BP:1.1 OPENPKG_1_2_SOLID:1.1.0.6 OPENPKG_1_2_SOLID_BP:1.1 OPENPKG_1_STABLE:1.1.0.4 OPENPKG_1_STABLE_BP:1.1 OPENPKG_1_0_SOLID:1.1.0.2; locks; strict; comment @# @; 1.1 date 2002.03.12.14.45.25; author rse; state dead; branches 1.1.2.1; next ; 1.1.2.1 date 2002.03.12.14.45.25; author rse; state Exp; branches; next ; desc @@ 1.1 log @file zlib.diff was initially added on branch OPENPKG_1_0_SOLID. @ text @@ 1.1.2.1 log @fix security bug (http://www.gzip.org/zlib/advisory-2002-03-11.txt) @ text @a0 40 diff -u3 zlib-1.1.3/infblock.c zlib-1.1.4/infblock.c --- zlib-1.1.3/infblock.c Mon Jun 8 19:06:16 1998 +++ zlib-1.1.4/infblock.c Mon Mar 11 14:16:01 2002 @@@@ -249,10 +249,12 @@@@ &s->sub.trees.tb, s->hufts, z); if (t != Z_OK) { - ZFREE(z, s->sub.trees.blens); r = t; if (r == Z_DATA_ERROR) + { + ZFREE(z, s->sub.trees.blens); s->mode = BAD; + } LEAVE } s->sub.trees.index = 0; @@@@ -313,11 +315,13 @@@@ t = inflate_trees_dynamic(257 + (t & 0x1f), 1 + ((t >> 5) & 0x1f), s->sub.trees.blens, &bl, &bd, &tl, &td, s->hufts, z); - ZFREE(z, s->sub.trees.blens); if (t != Z_OK) { if (t == (uInt)Z_DATA_ERROR) + { + ZFREE(z, s->sub.trees.blens); s->mode = BAD; + } r = t; LEAVE } @@@@ -329,6 +333,7 @@@@ } s->sub.decode.codes = c; } + ZFREE(z, s->sub.trees.blens); s->mode = CODES; case CODES: UPDATE @