[PATCH] Update in-kernel zlib routines
These bugs have been fixed in the standard zlib for a while.
See for example
a) http://sources.redhat.com/ml/bug-gnu-utils/1999-06/msg00183.html
b) http://bugs.gentoo.org/show_bug.cgi?id=94584
Signed-off-by: Tim Yamin <plasmaroo@gentoo.org>
Signed-off-by: Tavis Ormandy <taviso@gentoo.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff --git a/arch/ppc64/boot/zlib.c b/arch/ppc64/boot/zlib.c
index 9d5e4e9..78837e8 100644
--- a/arch/ppc64/boot/zlib.c
+++ b/arch/ppc64/boot/zlib.c
@@ -1307,7 +1307,7 @@
{
*t = (inflate_huft *)Z_NULL;
*m = 0;
- return Z_OK;
+ return Z_DATA_ERROR;
}
@@ -1351,6 +1351,7 @@
if ((j = *p++) != 0)
v[x[j]++] = i;
} while (++i < n);
+ n = x[g]; /* set n to length of v */
/* Generate the Huffman codes and for each, make the table entries */
diff --git a/lib/inflate.c b/lib/inflate.c
index 75e7d30..6db6e98 100644
--- a/lib/inflate.c
+++ b/lib/inflate.c
@@ -326,7 +326,7 @@
{
*t = (struct huft *)NULL;
*m = 0;
- return 0;
+ return 2;
}
DEBG("huft2 ");
@@ -374,6 +374,7 @@
if ((j = *p++) != 0)
v[x[j]++] = i;
} while (++i < n);
+ n = x[g]; /* set n to length of v */
DEBG("h6 ");
@@ -410,12 +411,13 @@
DEBG1("2 ");
f -= a + 1; /* deduct codes from patterns left */
xp = c + k;
- while (++j < z) /* try smaller tables up to z bits */
- {
- if ((f <<= 1) <= *++xp)
- break; /* enough codes to use up j bits */
- f -= *xp; /* else deduct codes from patterns */
- }
+ if (j < z)
+ while (++j < z) /* try smaller tables up to z bits */
+ {
+ if ((f <<= 1) <= *++xp)
+ break; /* enough codes to use up j bits */
+ f -= *xp; /* else deduct codes from patterns */
+ }
}
DEBG1("3 ");
z = 1 << j; /* table entries for j-bit table */
diff --git a/lib/zlib_inflate/inftrees.c b/lib/zlib_inflate/inftrees.c
index 874950e..c5f66fb 100644
--- a/lib/zlib_inflate/inftrees.c
+++ b/lib/zlib_inflate/inftrees.c
@@ -141,7 +141,7 @@
{
*t = NULL;
*m = 0;
- return Z_OK;
+ return Z_DATA_ERROR;
}