/usr/src/gcc-6/debian/patches/CVE-2016-9842.diff is in gcc-6-source 6.4.0-17ubuntu1.
This file is owned by root:root, with mode 0o644.
commit e54e1299404101a5a9d0cf5e45512b543967f958
Author: Mark Adler <madler@alumni.caltech.edu>
Date: Sat Sep 5 17:45:55 2015 -0700
Avoid shifts of negative values inflateMark().
The C standard says that bit shifts of negative integers is
undefined. This casts to unsigned values to assure a known
result.
Index: b/src/zlib/inflate.c
===================================================================
--- a/src/zlib/inflate.c
+++ b/src/zlib/inflate.c
@@ -1504,9 +1504,10 @@ z_streamp strm;
{
struct inflate_state FAR *state;
- if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16;
+ if (strm == Z_NULL || strm->state == Z_NULL)
+ return (long)(((unsigned long)0 - 1) << 16);
state = (struct inflate_state FAR *)strm->state;
- return ((long)(state->back) << 16) +
+ return (long)(((unsigned long)((long)state->back)) << 16) +
(state->mode == COPY ? state->length :
(state->mode == MATCH ? state->was - state->length : 0));
}
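Review bot: The error-path return `(long)(((unsigned long)0 - 1) << 16)` no longer shifts a negative value, but it now converts an out-of-range unsigned long back to long, which C leaves implementation-defined; `return -(1L << 16);` yields the same value on the usual two's-complement targets with neither a negative shift nor a narrowing conversion, and is easier to read. The same unsigned-to-long conversion remains on the `state->back` line, where the operand is a runtime value and the cast is harder to avoid, so a one-line comment there would help, for example `/* back may be negative: shift as unsigned, then convert back to long */`. The function's signature and name lie above the hunk, so callers' handling of the returned sentinel cannot be checked from here.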