File: CVE-2016-9842

package info (click to toggle)
zlib 1%3A1.2.11.dfsg-2
  • links: PTS
  • area: main
  • in suites: bookworm, bullseye, bullseye-backports, bullseye-proposed-updates, sid
  • size: 1,856 kB
  • sloc: ansic: 17,063; sh: 983; makefile: 575; pascal: 115; perl: 104; xml: 95
file content (27 lines) | stat: -rw-r--r-- 965 bytes parent folder | download | duplicates (3)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
commit e54e1299404101a5a9d0cf5e45512b543967f958
Author: Mark Adler <madler@alumni.caltech.edu>
Date:   Sat Sep 5 17:45:55 2015 -0700

    Avoid shifts of negative values inflateMark().
    
    The C standard says that bit shifts of negative integers is
    undefined.  This casts to unsigned values to assure a known
    result.

diff --git a/inflate.c b/inflate.c
index 2889e3a..a718416 100644
--- a/inflate.c
+++ b/inflate.c
@@ -1506,9 +1506,10 @@ z_streamp strm;
 {
     struct inflate_state FAR *state;
 
-    if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16;
+    if (strm == Z_NULL || strm->state == Z_NULL)
+        return (long)(((unsigned long)0 - 1) << 16);
     state = (struct inflate_state FAR *)strm->state;
-    return ((long)(state->back) << 16) +
+    return (long)(((unsigned long)((long)state->back)) << 16) +
         (state->mode == COPY ? state->length :
             (state->mode == MATCH ? state->was - state->length : 0));
 }