diff options
author | Martynas Venckus <martynas@cvs.openbsd.org> | 2009-06-21 00:31:43 +0000 |
---|---|---|
committer | Martynas Venckus <martynas@cvs.openbsd.org> | 2009-06-21 00:31:43 +0000 |
commit | 6196d927487e4aea44d4df1fa971f9ce415233b8 (patch) | |
tree | 543127288a4f277c0415819ee9ab37c89c51028a /gnu/usr.bin | |
parent | b44052c938bd18ea4c78f111602baf1de8ac3851 (diff) |
CVE-2009-1391: Buffer overflow in the inflate function in Zlib.xs
in Compress::Raw::Zlib Perl module.
initial diff & ok millert@. go for it miod@
Diffstat (limited to 'gnu/usr.bin')
-rw-r--r-- | gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs index b100f4cf3b4..a80c5811c4c 100644 --- a/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs +++ b/gnu/usr.bin/perl/ext/Compress/Raw/Zlib/Zlib.xs @@ -1295,7 +1295,7 @@ inflate (s, buf, output, eof=FALSE) if (s->stream.avail_out == 0 ) { /* out of space in the output buffer so make it bigger */ - Sv_Grow(output, SvLEN(output) + bufinc) ; + Sv_Grow(output, SvLEN(output) + bufinc +1) ; cur_length += increment ; s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ; increment = bufinc ; |