From c0941e427888b43460c85e58ab91b423844bb679 Mon Sep 17 00:00:00 2001
From: unknown <jimw@mysql.com>
Date: Tue, 9 Aug 2005 10:22:48 -0700
Subject: Import zlib-1.2.3 library

zlib/ChangeLog:
  Import zlib-1.2.3
zlib/FAQ:
  Import zlib-1.2.3
zlib/README:
  Import zlib-1.2.3
zlib/adler32.c:
  Import zlib-1.2.3
zlib/compress.c:
  Import zlib-1.2.3
zlib/crc32.c:
  Import zlib-1.2.3
zlib/deflate.c:
  Import zlib-1.2.3
zlib/deflate.h:
  Import zlib-1.2.3
zlib/gzio.c:
  Import zlib-1.2.3
zlib/infback.c:
  Import zlib-1.2.3
zlib/inffast.c:
  Import zlib-1.2.3
zlib/inflate.c:
  Import zlib-1.2.3
zlib/inflate.h:
  Import zlib-1.2.3
zlib/inftrees.c:
  Import zlib-1.2.3
zlib/inftrees.h:
  Import zlib-1.2.3
zlib/trees.c:
  Import zlib-1.2.3
zlib/zconf.h:
  Import zlib-1.2.3
zlib/zlib.3:
  Import zlib-1.2.3
zlib/zlib.h:
  Import zlib-1.2.3
zlib/zutil.c:
  Import zlib-1.2.3
zlib/zutil.h:
  Import zlib-1.2.3
zlib/README.MySQL:
  Import zlib-1.2.3
---
 zlib/inffast.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'zlib/inffast.c')

diff --git a/zlib/inffast.c b/zlib/inffast.c
index 8c02a178d04..bbee92ed1e6 100644
--- a/zlib/inffast.c
+++ b/zlib/inffast.c
@@ -74,6 +74,9 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
     unsigned char FAR *out;     /* local strm->next_out */
     unsigned char FAR *beg;     /* inflate()'s initial strm->next_out */
     unsigned char FAR *end;     /* while out < end, enough space available */
+#ifdef INFLATE_STRICT
+    unsigned dmax;              /* maximum distance from zlib header */
+#endif
     unsigned wsize;             /* window size or zero if not using window */
     unsigned whave;             /* valid bytes in the window */
     unsigned write;             /* window write index */
@@ -98,6 +101,9 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
     out = strm->next_out - OFF;
     beg = out - (start - strm->avail_out);
     end = out + (strm->avail_out - 257);
+#ifdef INFLATE_STRICT
+    dmax = state->dmax;
+#endif
     wsize = state->wsize;
     whave = state->whave;
     write = state->write;
@@ -167,6 +173,13 @@ unsigned start;         /* inflate()'s starting value for strm->avail_out */
                     }
                 }
                 dist += (unsigned)hold & ((1U << op) - 1);
+#ifdef INFLATE_STRICT
+                if (dist > dmax) {
+                    strm->msg = (char *)"invalid distance too far back";
+                    state->mode = BAD;
+                    break;
+                }
+#endif
                 hold >>= op;
                 bits -= op;
                 Tracevv((stderr, "inflate:         distance %u\n", dist));
-- 
cgit v1.2.1