From: Fabian Keil Date: Sun, 7 Feb 2021 16:52:58 +0000 (+0100) Subject: decompress_iob(): Prevent reading of uninitialized data X-Git-Tag: v_3_0_32~28 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/developer-manual/faq/static/user-manual/@user-manual@@actions-help-prefix@BLOCK?a=commitdiff_plain;h=f018685d622080d08641471be338e5e2b698d8df;p=privoxy.git decompress_iob(): Prevent reading of uninitialized data Reported by: Joshua Rogers (Opera). --- diff --git a/parsers.c b/parsers.c index 999c715e..3197c4ff 100644 --- a/parsers.c +++ b/parsers.c @@ -608,6 +608,14 @@ jb_err decompress_iob(struct client_state *csp) * XXX: this code is untested and should probably be removed. */ int skip_bytes; + + if (cur + 2 >= csp->iob->eod) + { + log_error(LOG_LEVEL_ERROR, + "gzip extra field flag set but insufficient data available."); + return JB_ERR_COMPRESS; + } + skip_bytes = *cur++; skip_bytes += (unsigned char)*cur++ << 8;