summaryrefslogtreecommitdiff
path: root/gnu/usr.bin
diff options
context:
space:
mode:
authorMartynas Venckus <martynas@cvs.openbsd.org>2009-06-21 00:31:43 +0000
committerMartynas Venckus <martynas@cvs.openbsd.org>2009-06-21 00:31:43 +0000
commit6196d927487e4aea44d4df1fa971f9ce415233b8 (patch)
tree543127288a4f277c0415819ee9ab37c89c51028a /gnu/usr.bin
parentb44052c938bd18ea4c78f111602baf1de8ac3851 (diff)
CVE-2009-1391: Buffer overflow in the inflate function in Zlib.xs
in Compress::Raw::Zlib Perl module. initial diff & ok millert@. go for it miod@
Diffstat (limited to 'gnu/usr.bin')
-rw-r--r--gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs2
1 files changed, 1 insertions, 1 deletions
diff --git a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs
index b100f4cf3b4..a80c5811c4c 100644
--- a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs
+++ b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs
@@ -1295,7 +1295,7 @@ inflate (s, buf, output, eof=FALSE)
if (s->stream.avail_out == 0 ) {
/* out of space in the output buffer so make it bigger */
- Sv_Grow(output, SvLEN(output) + bufinc) ;
+ Sv_Grow(output, SvLEN(output) + bufinc +1) ;
cur_length += increment ;
s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ;
increment = bufinc ;