[PATCH] minimal fix for CVE-2009-1391

Niko Tyni ntyni at debian.org
Thu Jun 11 20:35:07 UTC 2009


---
 Zlib.xs |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/Zlib.xs b/Zlib.xs
index cd366f1..60cc3d3 100644
--- a/Zlib.xs
+++ b/Zlib.xs
@@ -1319,7 +1319,7 @@ inflate (s, buf, output, eof=FALSE)
     while (RETVAL == Z_OK) {
         if (s->stream.avail_out == 0 ) {
 	    /* out of space in the output buffer so make it bigger */
-            Sv_Grow(output, SvLEN(output) + bufinc) ;
+            Sv_Grow(output, SvLEN(output) + bufinc +1) ;
             cur_length += increment ;
             s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ;
             increment = bufinc ;
-- 
1.5.6.5


--AqsLC8rIMeq19msA--






More information about the Perl-maintainers mailing list