forked from kiss-community/repo
zlib: 1.2.13
This commit is contained in:
parent
da093f53de
commit
47f32ca16b
|
@ -2,10 +2,6 @@
|
||||||
|
|
||||||
export CFLAGS="$CFLAGS -fPIC"
|
export CFLAGS="$CFLAGS -fPIC"
|
||||||
|
|
||||||
for patch in *.patch; do
|
|
||||||
patch -p1 < "$patch"
|
|
||||||
done
|
|
||||||
|
|
||||||
./configure \
|
./configure \
|
||||||
--prefix=/usr
|
--prefix=/usr
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1 @@
|
||||||
91844808532e5ce316b3c010929493c0244f3d37593afd6de04f71821d5136d9
|
b3a24de97a8fdbc835b9833169501030b8977031bcb54b3b3ac13740f846ab30
|
||||||
0bf4794975bd3be95f3f1d92cdf781a26c937d5c879b72939ae9cffbf6c430c7
|
|
||||||
db41b76fd40bdc77b26e9a202177cee807da5e7cf751e72298d62742c349057d
|
|
||||||
f35eb05334a4f8d7b40b6c5610a6369f654863b5fa1a19c2507888f918025238
|
|
||||||
00e023c3ccb7b895ebb3421970b1b77f8a527b40190f35050b79fd0e817a7b0c
|
|
||||||
|
|
|
@ -1,32 +0,0 @@
|
||||||
From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark Adler <fork@madler.net>
|
|
||||||
Date: Sat, 30 Jul 2022 15:51:11 -0700
|
|
||||||
Subject: [PATCH] Fix a bug when getting a gzip header extra field with
|
|
||||||
inflate().
|
|
||||||
|
|
||||||
If the extra field was larger than the space the user provided with
|
|
||||||
inflateGetHeader(), and if multiple calls of inflate() delivered
|
|
||||||
the extra header data, then there could be a buffer overflow of the
|
|
||||||
provided space. This commit assures that provided space is not
|
|
||||||
exceeded.
|
|
||||||
---
|
|
||||||
inflate.c | 5 +++--
|
|
||||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/inflate.c b/inflate.c
|
|
||||||
index 7be8c6366..7a7289749 100644
|
|
||||||
--- a/inflate.c
|
|
||||||
+++ b/inflate.c
|
|
||||||
@@ -763,9 +763,10 @@ int flush;
|
|
||||||
copy = state->length;
|
|
||||||
if (copy > have) copy = have;
|
|
||||||
if (copy) {
|
|
||||||
+ len = state->head->extra_len - state->length;
|
|
||||||
if (state->head != Z_NULL &&
|
|
||||||
- state->head->extra != Z_NULL) {
|
|
||||||
- len = state->head->extra_len - state->length;
|
|
||||||
+ state->head->extra != Z_NULL &&
|
|
||||||
+ len < state->head->extra_max) {
|
|
||||||
zmemcpy(state->head->extra + len, next,
|
|
||||||
len + copy > state->head->extra_max ?
|
|
||||||
state->head->extra_max - len : copy);
|
|
|
@ -1,29 +0,0 @@
|
||||||
From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark Adler <fork@madler.net>
|
|
||||||
Date: Mon, 8 Aug 2022 10:50:09 -0700
|
|
||||||
Subject: [PATCH] Fix extra field processing bug that dereferences NULL
|
|
||||||
state->head.
|
|
||||||
|
|
||||||
The recent commit to fix a gzip header extra field processing bug
|
|
||||||
introduced the new bug fixed here.
|
|
||||||
---
|
|
||||||
inflate.c | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/inflate.c b/inflate.c
|
|
||||||
index 7a7289749..2a3c4fe98 100644
|
|
||||||
--- a/inflate.c
|
|
||||||
+++ b/inflate.c
|
|
||||||
@@ -763,10 +763,10 @@ int flush;
|
|
||||||
copy = state->length;
|
|
||||||
if (copy > have) copy = have;
|
|
||||||
if (copy) {
|
|
||||||
- len = state->head->extra_len - state->length;
|
|
||||||
if (state->head != Z_NULL &&
|
|
||||||
state->head->extra != Z_NULL &&
|
|
||||||
- len < state->head->extra_max) {
|
|
||||||
+ (len = state->head->extra_len - state->length) <
|
|
||||||
+ state->head->extra_max) {
|
|
||||||
zmemcpy(state->head->extra + len, next,
|
|
||||||
len + copy > state->head->extra_max ?
|
|
||||||
state->head->extra_max - len : copy);
|
|
|
@ -1,43 +0,0 @@
|
||||||
From 80d086357a55b94a13e43756cf3e131f25eef0e4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Sam James <sam@gentoo.org>
|
|
||||||
Date: Mon, 28 Mar 2022 08:40:45 +0100
|
|
||||||
Subject: [PATCH] Fix CC logic in configure
|
|
||||||
|
|
||||||
In https://github.com/madler/zlib/commit/e9a52aa129efe3834383e415580716a7c4027f8d,
|
|
||||||
the logic was changed to try check harder for GCC, but it dropped
|
|
||||||
the default setting of cc=${CC}. It was throwing away any pre-set CC value as
|
|
||||||
a result.
|
|
||||||
|
|
||||||
The rest of the script then cascades down a bad path because it's convinced
|
|
||||||
it's not GCC or a GCC-like compiler.
|
|
||||||
|
|
||||||
This led to e.g. misdetection of inability to build shared libs
|
|
||||||
for say, multilib cases (w/ CC being one thing from the environment being used
|
|
||||||
for one test (e.g. x86_64-unknown-linux-gnu-gcc -m32 and then 'cc' used for
|
|
||||||
shared libs (but missing "-m32"!)). Obviously just one example of how
|
|
||||||
the old logic could break.
|
|
||||||
|
|
||||||
This restores the old default of 'CC' if nothing overrides it later
|
|
||||||
in configure.
|
|
||||||
|
|
||||||
Bug: https://bugs.gentoo.org/836308
|
|
||||||
Signed-off-by: Sam James <sam@gentoo.org>
|
|
||||||
---
|
|
||||||
configure | 3 +++
|
|
||||||
1 file changed, 3 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/configure b/configure
|
|
||||||
index 52ff4a04e..3fa3e8618 100755
|
|
||||||
--- a/configure
|
|
||||||
+++ b/configure
|
|
||||||
@@ -174,7 +174,10 @@ if test -z "$CC"; then
|
|
||||||
else
|
|
||||||
cc=${CROSS_PREFIX}cc
|
|
||||||
fi
|
|
||||||
+else
|
|
||||||
+ cc=${CC}
|
|
||||||
fi
|
|
||||||
+
|
|
||||||
cflags=${CFLAGS-"-O3"}
|
|
||||||
# to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
|
|
||||||
case "$cc" in
|
|
|
@ -1,51 +0,0 @@
|
||||||
From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Mark Adler <madler@alumni.caltech.edu>
|
|
||||||
Date: Wed, 30 Mar 2022 11:14:53 -0700
|
|
||||||
Subject: [PATCH] Correct incorrect inputs provided to the CRC functions.
|
|
||||||
|
|
||||||
The previous releases of zlib were not sensitive to incorrect CRC
|
|
||||||
inputs with bits set above the low 32. This commit restores that
|
|
||||||
behavior, so that applications with such bugs will continue to
|
|
||||||
operate as before.
|
|
||||||
---
|
|
||||||
crc32.c | 8 ++++----
|
|
||||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/crc32.c b/crc32.c
|
|
||||||
index a1bdce5c2..451887bc7 100644
|
|
||||||
--- a/crc32.c
|
|
||||||
+++ b/crc32.c
|
|
||||||
@@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
|
|
||||||
#endif /* DYNAMIC_CRC_TABLE */
|
|
||||||
|
|
||||||
/* Pre-condition the CRC */
|
|
||||||
- crc ^= 0xffffffff;
|
|
||||||
+ crc = (~crc) & 0xffffffff;
|
|
||||||
|
|
||||||
/* Compute the CRC up to a word boundary. */
|
|
||||||
while (len && ((z_size_t)buf & 7) != 0) {
|
|
||||||
@@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
|
|
||||||
#endif /* DYNAMIC_CRC_TABLE */
|
|
||||||
|
|
||||||
/* Pre-condition the CRC */
|
|
||||||
- crc ^= 0xffffffff;
|
|
||||||
+ crc = (~crc) & 0xffffffff;
|
|
||||||
|
|
||||||
#ifdef W
|
|
||||||
|
|
||||||
@@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2)
|
|
||||||
#ifdef DYNAMIC_CRC_TABLE
|
|
||||||
once(&made, make_crc_table);
|
|
||||||
#endif /* DYNAMIC_CRC_TABLE */
|
|
||||||
- return multmodp(x2nmodp(len2, 3), crc1) ^ crc2;
|
|
||||||
+ return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* ========================================================================= */
|
|
||||||
@@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op)
|
|
||||||
uLong crc2;
|
|
||||||
uLong op;
|
|
||||||
{
|
|
||||||
- return multmodp(op, crc1) ^ crc2;
|
|
||||||
+ return multmodp(op, crc1) ^ (crc2 & 0xffffffff);
|
|
||||||
}
|
|
|
@ -1,5 +1 @@
|
||||||
https://zlib.net/fossils/zlib-VERSION.tar.gz
|
https://zlib.net/fossils/zlib-VERSION.tar.gz
|
||||||
patches/0001-CVE-2022-37434.patch
|
|
||||||
patches/0002-CVE-2022-37434.patch
|
|
||||||
patches/Fix-CC-logic-in-configure.patch
|
|
||||||
patches/crc32.patch
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
1.2.12 2
|
1.2.13 1
|
||||||
|
|
Loading…
Reference in New Issue
Block a user