From a972dbb9bd731a439d009bd51e36981c41a06232 Mon Sep 17 00:00:00 2001 From: scuri Date: Tue, 20 Oct 2009 18:12:26 +0000 Subject: *** empty log message *** --- src/pdflib/flate/deflate.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'src/pdflib/flate/deflate.c') diff --git a/src/pdflib/flate/deflate.c b/src/pdflib/flate/deflate.c index 5454e60..8a360ff 100644 --- a/src/pdflib/flate/deflate.c +++ b/src/pdflib/flate/deflate.c @@ -47,8 +47,8 @@ * */ -/* $Id: deflate.c,v 1.1 2008/10/17 06:10:42 scuri Exp $ */ -/* @(#) $Id: deflate.c,v 1.1 2008/10/17 06:10:42 scuri Exp $ */ +/* $Id: deflate.c,v 1.2 2009/10/20 18:12:26 scuri Exp $ */ +/* @(#) $Id: deflate.c,v 1.2 2009/10/20 18:12:26 scuri Exp $ */ #include "deflate.h" @@ -284,10 +284,13 @@ int ZEXPORT deflateInit2_( s->hash_mask = s->hash_size - 1; s->hash_shift = ((s->hash_bits+MIN_MATCH-1)/MIN_MATCH); - s->window = (Bytef *) ZALLOC(strm, s->w_size, 2*sizeof(Byte)); + /* PDFlib GmbH Bug #1707: increase the buffer size by 2x2 bytes to + * avoid problems with memory access beyond the end in the assembler code + */ + s->window = (Bytef *) ZALLOC(strm, 2+s->w_size, 2*sizeof(Byte)); /* we don't use calloc -> to satisfy purify * at least here memset is needed */ - memset((void *)s->window, 0, (size_t) s->w_size * 2*sizeof(Byte)); + memset((void *)s->window, 0, (size_t) (2+s->w_size) * 2*sizeof(Byte)); s->prev = (Posf *) ZALLOC(strm, s->w_size, sizeof(Pos)); s->head = (Posf *) ZALLOC(strm, s->hash_size, sizeof(Pos)); -- cgit v1.2.3