1 [SECURITY] CVE-2009-1391: Fix a buffer overflow in inflate().
5 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1391
7 Fix cherry-picked from upstream version 2.017.
8 --- libcompress-raw-zlib-perl-2.012.orig/Zlib.xs
9 +++ libcompress-raw-zlib-perl-2.012/Zlib.xs
11 while (RETVAL == Z_OK) {
12 if (s->stream.avail_out == 0 ) {
13 /* out of space in the output buffer so make it bigger */
14 - Sv_Grow(output, SvLEN(output) + bufinc) ;
15 + Sv_Grow(output, SvLEN(output) + bufinc +1) ;
16 cur_length += increment ;
17 s->stream.next_out = (Bytef*) SvPVbyte_nolen(output) + cur_length ;