Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove offset pointer optimization in inftrees.c.
inftrees.c was subtracting an offset from a pointer to an array, in order to provide a pointer that allowed indexing starting at the offset. This is not compliant with the C standard, for which the behavior of a pointer decremented before its allocated memory is undefined. Per the recommendation of a security audit of the zlib code by Trail of Bits and TrustInSoft, in support of the Mozilla Foundation, this tiny optimization was removed, in order to avoid the possibility of undefined behavior.
- Loading branch information
6a04314
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is CVE-2016-9840.