Mirrors/zlib
0
0
Fork 0
mirror of https://github.com/madler/zlib.git synced 2026-01-18 17:11:27 +01:00
Code Packages Releases Activity

Copy only the initialized window contents in inflateCopy.

Browse Source 
To avoid the propagation and possible disclosure of uninitialized
memory contents.
This commit is contained in:
Mark Adler
2025-12-21 18:34:14 -08:00
parent ba829a4585
commit 3509ab515f
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
inflate.c
View File

@@ -1446,7 +1446,6 @@ int ZEXPORT inflateCopy(z_streamp dest, z_streamp source) {
struct inflate_state FAR *state;
struct inflate_state FAR *copy;
unsigned char FAR *window;
unsigned wsize;
/* check input */
if (inflateStateCheck(source) || dest == Z_NULL)
@@ -1477,10 +1476,8 @@ int ZEXPORT inflateCopy(z_streamp dest, z_streamp source) {
copy->distcode = copy->codes + (state->distcode - state->codes);
}
copy->next = copy->codes + (state->next - state->codes);
if (window != Z_NULL) {
wsize = 1U << state->wbits;
zmemcpy(window, state->window, wsize);
}
if (window != Z_NULL)
zmemcpy(window, state->window, state->whave);
copy->window = window;
dest->state = (struct internal_state FAR *)copy;
return Z_OK;