From 62b3fbcf6c4ffbb3c9c0e342e3eaec2cb7cb7559 Mon Sep 17 00:00:00 2001 From: wanghang Date: Mon, 15 Aug 2022 11:25:44 +0800 Subject: [PATCH] IssueNo:#I5MAFM Description:security: Fix CVE-2022-37434 Sig:SIG_ApplicaitonFramework Feature or Bugfix:Bugfix Binary Source:No Signed-off-by: wanghang Change-Id: If307873d4eeb639f4c86ac7ca4dd2057e9522070 --- inflate.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/inflate.c b/inflate.c index ac333e8..cd01857 100644 --- a/inflate.c +++ b/inflate.c @@ -759,8 +759,9 @@ int flush; if (copy > have) copy = have; if (copy) { if (state->head != Z_NULL && - state->head->extra != Z_NULL) { - len = state->head->extra_len - state->length; + state->head->extra != Z_NULL && + (len = state->head->extra_len - state->length) < + state->head->extra_max) { zmemcpy(state->head->extra + len, next, len + copy > state->head->extra_max ? state->head->extra_max - len : copy); -- GitLab