From 34f96f1745c594d713a9882075b2a78f87a65181 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=98rjan=20Malde?= <red@foxi.me>
Date: Thu, 27 Oct 2022 11:35:10 +0200
Subject: patches/libz/CVE-2022-37434.patch: new patch.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Ørjan Malde <red@foxi.me>
---
 patches/libz/CVE-2022-37434.patch | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 patches/libz/CVE-2022-37434.patch

(limited to 'patches/libz')

diff --git a/patches/libz/CVE-2022-37434.patch b/patches/libz/CVE-2022-37434.patch
new file mode 100644
index 00000000..b6f5e2e3
--- /dev/null
+++ b/patches/libz/CVE-2022-37434.patch
@@ -0,0 +1,15 @@
+diff -ru libz-1.2.8.2015.12.26.orig/inflate.c libz-1.2.8.2015.12.26/inflate.c
+--- libz-1.2.8.2015.12.26.orig/inflate.c	2015-12-21 23:37:02.000000000 +0100
++++ libz-1.2.8.2015.12.26/inflate.c	2022-10-27 11:32:39.403516533 +0200
+@@ -595,8 +595,9 @@
+                 if (copy > have) copy = have;
+                 if (copy) {
+                     if (state->head != NULL &&
+-                        state->head->extra != NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != NULL &&
++                        (len = state->head->extra_max - state->length) <
++                            state->head->extra_max) {
+                         memcpy(state->head->extra + len, next,
+                                len + copy > state->head->extra_max ?
+                                state->head->extra_max - len : copy);
-- 
cgit v1.2.3