Fix: Possible Vulnerability in zlib Library #4809

Open
wants to merge 1 commit into
base: master
@tabudz tabudz commented Feb 17, 2025

Issue Details

The function inflate_table9() in this repository is nearly identical to inflate_table() from zlib.
The original function was patched due to a vulnerability identified in madler/zlib@6a04314.
The same issue exists in this repository's function but remains unpatched.

Proposed Fix

This PR applies the same patch as the one in zlib to eliminate the vulnerability.

References

CVE: CVE-2016-9840
Original Fix: Original Fix

inftrees.c was subtracting an offset from a pointer to an array,
in order to provide a pointer that allowed indexing starting at
the offset. This is not compliant with the C standard, for which
the behavior of a pointer decremented before its allocated memory
is undefined. Per the recommendation of a security audit of the
zlib code by Trail of Bits and TrustInSoft, in support of the
Mozilla Foundation, this tiny optimization was removed, in order
to avoid the possibility of undefined behavior.
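
The pointer idiom the commit message describes, next to a standard-compliant replacement, as an added example that is not code from this PR or from zlib. The table contents and all names (`MATCH`, `base_tab`, `extra_tab`, `decode_sym`, `decode_all`) are constructed for illustration.

```c
#include <stddef.h>

/* Constructed tables: valid only for symbols MATCH .. MATCH + NCODES - 1.
   All names and values here are hypothetical, not taken from the patch. */
#define MATCH  257u
#define NCODES 4u
static const unsigned short base_tab[NCODES]  = {3, 4, 5, 6};
static const unsigned short extra_tab[NCODES] = {16, 16, 17, 17};

struct entry { unsigned char op; unsigned short val; };

/* Idiom described in the commit message, kept as a comment because
   merely forming the pointer is undefined behaviour in C:
       const unsigned short *base = base_tab - MATCH;   (before the array)
       e->val = base[sym];                              (for sym >= MATCH)
   The compiler may assume such a pointer never exists, so the result is
   not guaranteed even though base[sym] would land inside base_tab. */

/* Compliant form: unbiased pointers, offset subtracted from the index.
   Returns 0 on success, -1 if sym has no table entry. */
int decode_sym(unsigned sym, struct entry *e)
{
    if (sym < MATCH) {               /* below the table: pass through */
        e->op = 0;
        e->val = (unsigned short)sym;
        return 0;
    }
    if (sym - MATCH >= NCODES)       /* past the table: reject */
        return -1;
    e->op  = (unsigned char)extra_tab[sym - MATCH];
    e->val = base_tab[sym - MATCH];
    return 0;
}

/* Decode a run of symbols; returns how many were decoded before an error. */
size_t decode_all(const unsigned short *work, size_t n, struct entry *out)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (decode_sym(work[i], &out[i]) != 0)
            break;
    return i;
}
```
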