Hello community, here is the log from the commit of package zlib for openSUSE:Factory checked in at 2018-05-22 16:57:37 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/zlib (Old) and /work/SRC/openSUSE:Factory/.zlib.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "zlib" Tue May 22 16:57:37 2018 rev:67 rq:607454 version:1.2.11 Changes: -------- --- /work/SRC/openSUSE:Factory/zlib/zlib.changes 2017-06-18 13:48:01.310816314 +0200 +++ /work/SRC/openSUSE:Factory/.zlib.new/zlib.changes 2018-05-22 16:57:40.069600809 +0200 @@ -1,0 +2,6 @@ +Tue May 15 10:56:20 UTC 2018 - tchvatal@suse.com + +- Add patch to safeguard against negative values in uInt bsc#1071321: + * 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch + +------------------------------------------------------------------- New: ---- 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ zlib.spec ++++++ --- /var/tmp/diff_new_pack.uCDdRH/_old 2018-05-22 16:57:40.713577379 +0200 +++ /var/tmp/diff_new_pack.uCDdRH/_new 2018-05-22 16:57:40.717577233 +0200 @@ -33,6 +33,8 @@ Patch0: zlib-1.2.11-optimized-s390.patch #PATCH-FIX-SUSE: compiler check of varguments passed to gzprintf Patch1: zlib-format.patch +#PATCH-FIX-UPSTREAM do not store negative values in uInt +Patch2: 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool @@ -115,6 +117,7 @@ %setup -q %patch0 %patch1 +%patch2 -p1 %build export LDFLAGS="-Wl,-z,relro,-z,now" ++++++ 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch ++++++
From bb5eec59e3ec66f6dccb79b1900aa806a1cca12e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?=
Date: Fri, 8 Dec 2017 14:59:08 +0100 Subject: [PATCH] Do not try to store negative values in unsigned int
--- deflate.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/deflate.c b/deflate.c index 1ec7614..1bad1eb 100644 --- a/deflate.c +++ b/deflate.c @@ -1536,7 +1536,10 @@ local void fill_window(s) /* Initialize the hash value now that we have some input: */ if (s->lookahead + s->insert >= MIN_MATCH) { - uInt str = s->strstart - s->insert; + uInt str = 0; + /* storing negative values to uInt is not good idea */ + if (s->strstart - s->insert > 0) + str = s->strstart - s->insert; s->ins_h = s->window[str]; UPDATE_HASH(s, s->ins_h, s->window[str + 1]); #if MIN_MATCH != 3 -- 2.15.1