smallsolar/u-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert "Merge patch series "zlib: Address CVE-2016-9841""

Browse Source 
This series brings our zlib code more up to date. However, it drops an
important performance improvement that is required on some of our
supported platforms in order to boot Linux before the watchdog resets
the system. Furthermore, the "post increment" version of this
performance loop was not tested, so while we can fix it, it would then
require re-testing all platforms. At this point in time, we will revert
updating zlib (which has had a potential security issue since 2016) and
fix this in the v2024.10 release.

This reverts commit 4914263c9a, reversing
changes made to ef8ef5f77c.

Reported-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Tom Rini <trini@konsulko.com>
This commit is contained in:
Tom Rini
2024-06-30 19:03:14 -06:00
parent 8937bb265a
commit bbacdd3ef7
7 changed files with 151 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/gzip.c
View File

@@ -67,7 +67,7 @@ int zzip(void *dst, unsigned long *lenp, unsigned char *src,
r = deflateInit2_(&s, Z_BEST_SPEED, Z_DEFLATED, window,
DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
sizeof(z_stream));
ZLIB_VERSION, sizeof(z_stream));
if (r != Z_OK) {
printf ("Error: deflateInit2_() returned %d\n", r);
return -1;