head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.22
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.20
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.18
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.16
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.14
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.12
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.10
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.8
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.6
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.4
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.2
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.1.0.10
	pkgsrc-2007Q3-base:1.1
	pkgsrc-2007Q2:1.1.0.8
	pkgsrc-2007Q2-base:1.1
	pkgsrc-2007Q1:1.1.0.6
	pkgsrc-2007Q1-base:1.1
	pkgsrc-2006Q4:1.1.0.4
	pkgsrc-2006Q4-base:1.1
	pkgsrc-2006Q3:1.1.0.2
	pkgsrc-2006Q3-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2007.11.08.19.26.56;	author joerg;	state dead;
branches;
next	1.1;

1.1
date	2006.09.23.13.52.17;	author adrianp;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update gzip to 1.3.12 and merge base and info back into gzip.
This includes many security fixes, improvements for files over 4GB,
portability improves, zless, etc.
@
text
@$NetBSD: patch-af,v 1.1 2006/09/23 13:52:17 adrianp Exp $

--- unpack.c.orig	1993-08-13 08:35:00.000000000 +0100
+++ unpack.c
@@@@ -12,7 +12,6 @@@@ static char rcsid[] = "$Id: unpack.c,v 1
 #include "gzip.h"
 #include "crypt.h"
 
-#define MIN(a,b) ((a) <= (b) ? (a) : (b))
 /* The arguments must not have side effects. */
 
 #define MAX_BITLEN 25
@@@@ -132,7 +131,7 @@@@ local void read_tree()
 	/* Remember where the literals of this length start in literal[] : */
 	lit_base[len] = base;
 	/* And read the literals: */
-	for (n = leaves[len]; n > 0; n--) {
+	for (n = leaves[len]; n > 0 && base < LITERALS; n--) { 
 	    literal[base++] = (uch)get_byte();
 	}
     }
@@@@ -168,7 +167,7 @@@@ local void build_tree()
     prefixp = &prefix_len[1<<peek_bits];
     for (len = 1; len <= peek_bits; len++) {
 	int prefixes = leaves[len] << (peek_bits-len); /* may be 0 */
-	while (prefixes--) *--prefixp = (uch)len;
+	while (prefixes-- && prefixp > prefix_len) *--prefixp = (uch)len;
     }
     /* The length of all other codes is unknown: */
     while (prefixp > prefix_len) *--prefixp = 0;
@


1.1
log
@Fixes (via RedHat) for:	CVE-2006-4334, CVE-2006-4335, CVE-2006-4336,
CVE-2006-4337 and CVE-2006-4338
Bump to nb2
@
text
@d1 1
a1 1
$NetBSD$
@