[PATCH] lib: zlib: Use post-increment only in inffast.c

Tom Rini trini at konsulko.com
Fri Jul 17 15:29:08 CEST 2020


On Wed, Jun 24, 2020 at 04:34:03PM +0800, Ley Foon Tan wrote:

> From: Chin Liang See <chin.liang.see at intel.com>
> 
> This fixes CVE-2016-9841. Changes integrated from [1], with changes
> make for Uboot code base.
> 
> An old inffast.c optimization turns out to not be optimal anymore
> with modern compilers, and furthermore was not compliant with the
> C standard, for which decrementing a pointer before its allocated
> memory is undefined. Per the recommendation of a security audit of
> the zlib code by Trail of Bits and TrustInSoft, in support of the
> Mozilla Foundation, this "optimization" was removed, in order to
> avoid the possibility of undefined behavior.
> 
> [1]: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb
> 
> Signed-off-by: Mark Adler <madler at alumni.caltech.edu>
> Signed-off-by: Chin Liang See <chin.liang.see at intel.com>
> Signed-off-by: Ley Foon Tan <ley.foon.tan at intel.com>

This breaks the following tests on sandbox:
FAILED test/py/tests/test_efi_fit.py::test_efi_fit_launch - u_boot_spawn.Timeout
FAILED test/py/tests/test_fit.py::test_fit - OSError: [Errno 5] Input/output error

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20200717/6e35da30/attachment.sig>


More information about the U-Boot mailing list