Fix heap-based buffer over-read or buffer overflow in inflate.c

Upstream patch: ec3df00224

Resolves: CVE-2022-37434
Lukas Javorsky 2022-08-10 07:58:54 +00:00
parent 6e982b7c51
commit de5caa002f
2 changed files with 23 additions and 2 deletions


@ -0,0 +1,14 @@
--- zlib-1.2.12/inflate.c.old 2022-08-09 10:30:18.831225181 +0000
+++ zlib-1.2.12/inflate.c 2022-08-09 10:29:33.251225181 +0000
@@ -792,8 +792,9 @@ int flush;
if (copy > have) copy = have;
if (copy) {
if (state->head != Z_NULL &&
- state->head->extra != Z_NULL) {
- len = state->head->extra_len - state->length;
+ state->head->extra != Z_NULL &&
+ (len = state->head->extra_len - state->length) <
+ state->head->extra_max) {
zmemcpy(state->head->extra + len, next,
len + copy > state->head->extra_max ?
state->head->extra_max - len : copy);
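Review bot: The rewritten `if` condition depends on an ordering that nothing in the hunk documents: `len` is now assigned inside the condition, so that conjunct has to stay after the `state->head != Z_NULL` and `state->head->extra != Z_NULL` tests. The `< state->head->extra_max` comparison is also what keeps `state->head->extra_max - len` in the zmemcpy size from wrapping (assuming these fields are unsigned, which the hunk does not show). A one-line comment above the condition would protect it on a later rebase, e.g. `/* len is assigned only after the NULL checks; len < extra_max keeps extra_max - len from wrapping */`. The patch file also starts directly at its `---` line with no header naming the upstream commit it was taken from, so its provenance is recorded only in the spec comment. The enclosing block in inflate() starts and ends outside the hunk.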


@ -2,7 +2,7 @@
Name: zlib Name: zlib
Version: 1.2.12 Version: 1.2.12
Release: 4%{?dist} Release: 5%{?dist}
Summary: Compression and decompression library Summary: Compression and decompression library
# /contrib/dotzlib/ have Boost license # /contrib/dotzlib/ have Boost license
License: zlib and Boost License: zlib and Boost
@ -33,7 +33,9 @@ Patch23: zlib-1.2.11-covscan-issues-rhel9.patch
# Correct incorrect inputs provided to the CRC functions. # Correct incorrect inputs provided to the CRC functions.
# ref: https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2 # ref: https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2
Patch24: zlib-1.2.12-correct-inputs-provided-to-crc-func.patch Patch24: zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
# Fix for CVE-2022-37434
# ref: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
Patch25: zlib-1.2.12-fix-CVE-2022-37434.patch
BuildRequires: make BuildRequires: make
BuildRequires: automake, autoconf, libtool BuildRequires: automake, autoconf, libtool
@ -96,6 +98,7 @@ developing applications which use minizip.
%patch22 -p1 %patch22 -p1
%patch23 -p1 %patch23 -p1
%patch24 -p1 %patch24 -p1
%patch25 -p1
# Patch19 conflicts with Patch1, so the Patch1 has to be applied after, # Patch19 conflicts with Patch1, so the Patch1 has to be applied after,
# because it is arch specific # because it is arch specific
%ifarch s390 s390x %ifarch s390 s390x
@ -178,6 +181,10 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%changelog %changelog
* Tue Aug 09 2022 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.12-5
- Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c
- Resolves: CVE-2022-37434
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.12-4 * Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.12-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
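Review bot: The `# ref:` comment added above `Patch25` points at upstream commit 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d, but the commit message says `Upstream patch: ec3df00224`, which is the abbreviated hash the existing Patch24 comment gives for the CRC-input fix. The two references disagree, so someone auditing the CVE-2022-37434 backport cannot tell from this change which upstream commit the patch was taken from; the commit message reference looks like a leftover and should be confirmed. If the patch combines more than one upstream commit, list each on its own `# ref:` line above `Patch25`. The new changelog entry also repeats itself ("in inflate in inflate.c"); `- Fix heap-based buffer over-read or buffer overflow in inflate.c` would match the commit title.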