[Zlib-devel] inflate_fast() heap-corruption problem in MS code

Greg Roelofs newt at pobox.com
Sat Dec 14 01:12:01 EST 2002


>> Anyway, Mark, this is your baby, I think.  Is it a long-fixed bug?

> This is the first I've heard of it.  I just examined the code, and 
> inflate_fast() and inffixed.h are properly rigged to detect and reject 
> invalid codes, at least in 1.1.3 and 1.1.4.  It must be a previous 
> version of zlib that has this problem, assuming that the problem has 
> been correctly described.  Can someone find out what version they're 
> talking about, so I'll know where to look?

Turns out it's 1.0.4 (at least in the IE 5.0 version, and I very much
doubt they updated it for 6.0), and I note a relevant-sounding fix of
some sort in the ChangeLog in the very next version (i.e., 1.0.5).  So
it doesn't look like you need to worry about anything, but you might
want to contact the eEye guys anyway, just for yuks.

Jean-loup might want to update the web page, too (maybe add a statement
or a pointer to the bug report with a clarification that it doesn't
affect any release made in the last four+ years).

Greg



