Fix zlib CVE-2016-9843.

author Wayne Davison <wayned@samba.org>

Sat, 16 Mar 2019 16:52:46 +0000 (09:52 -0700)

committer Wayne Davison <wayned@samba.org>

Sat, 16 Mar 2019 16:56:11 +0000 (09:56 -0700)
author Wayne Davison <wayned@samba.org>
Sat, 16 Mar 2019 16:52:46 +0000 (09:52 -0700)
committer Wayne Davison <wayned@samba.org>
Sat, 16 Mar 2019 16:56:11 +0000 (09:56 -0700)
diff --git a/zlib/crc32.c b/zlib/crc32.c

index 979a7190a3ca44c66797f6f994804f825bf82d4a..05733f4e407580307a53317978beba2281c006d1 100644 (file)
--- a/zlib/crc32.c
+++ b/zlib/crc32.c
@@ -278,7 +278,7 @@ local unsigned long crc32_little(crc, buf, len)
  }
  
  /* ========================================================================= */
-#define DOBIG4 c ^= *++buf4; \
+#define DOBIG4 c ^= *buf4++; \
          c = crc_table[4][c & 0xff] ^ crc_table[5][(c >> 8) & 0xff] ^ \
              crc_table[6][(c >> 16) & 0xff] ^ crc_table[7][c >> 24]
  #define DOBIG32 DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4; DOBIG4
@@ -300,7 +300,6 @@ local unsigned long crc32_big(crc, buf, len)
      }
  
      buf4 = (const z_crc_t FAR *)(const void FAR *)buf;
-    buf4--;
      while (len >= 32) {
          DOBIG32;
          len -= 32;
@@ -309,7 +308,6 @@ local unsigned long crc32_big(crc, buf, len)
          DOBIG4;
          len -= 4;
      }
-    buf4++;
      buf = (const unsigned char FAR *)buf4;
  
      if (len) do {
author	Wayne Davison <wayned@samba.org>
	Sat, 16 Mar 2019 16:52:46 +0000 (09:52 -0700)
committer	Wayne Davison <wayned@samba.org>
	Sat, 16 Mar 2019 16:56:11 +0000 (09:56 -0700)