diff options
| author |   martynas <martynas@openbsd.org> | 2009-06-21 00:31:42 +0000 |
|---|---|---|
| committer | martynas <martynas@openbsd.org> | 2009-06-21 00:31:42 +0000 |
| commit | 6a153ceef817f397206a456078e5183d146144e5 (patch) | |
| tree | 4d3cd8b05c30957296a454fc35e4c5a6083a5cc0 | |
| parent | 4.6-BETA (diff) | |
| download | wireguard-openbsd-6a153ceef817f397206a456078e5183d146144e5.tar.xz wireguard-openbsd-6a153ceef817f397206a456078e5183d146144e5.zip | |
CVE-2009-1391: Buffer overflow in the inflate function in Zlib.xs
in Compress::Raw::Zlib Perl module.
initial diff & ok millert@. go for it miod@
| -rw-r--r-- | gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs index b100f4cf3b4..a80c5811c4c 100644 --- a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs +++ b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs @@ -1295,7 +1295,7 @@ inflate (s, buf, output, eof=FALSE) if (s->stream.avail_out == 0 ) { /* out of space in the output buffer so make it bigger */ - Sv_Grow(output, SvLEN(output) + bufinc) ; + Sv_Grow(output, SvLEN(output) + bufinc +1) ; cur_length += increment ; s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ; increment = bufinc ; |