From 521adbdfc74b5f8ee5c81fd5afa1188408cca87a Mon Sep 17 00:00:00 2001
From: Jacques Vidrine
Date: Thu, 26 Aug 2004 19:37:06 +0000
Subject: [PATCH] Correct a denial-of-service vulnerability in zlib.

For reference, this bug was first reported at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=252253
Submitted by: "Dmitry V. Levin"
---
 lib/libz/infback.c | 3 +++
 lib/libz/inflate.c | 3 +++
 2 files changed, 6 insertions(+)
diff --git a/lib/libz/infback.c b/lib/libz/infback.c
index 110b03b857f2..e9709984a898 100644
--- a/lib/libz/infback.c
+++ b/lib/libz/infback.c
@@ -434,6 +434,9 @@ void FAR *out_desc;
 }
 }
+ if (state->mode == BAD)
+ break;
+
 /* build code tables */
 state->next = state->codes;
 state->lencode = (code const FAR *)(state->next);
diff --git a/lib/libz/inflate.c b/lib/libz/inflate.c
index 1d66a20bcb73..913f00296b56 100644
--- a/lib/libz/inflate.c
+++ b/lib/libz/inflate.c
@@ -864,6 +864,9 @@ int flush;
 }
 }
+ if (state->mode == BAD)
+ break;
+
 /* build code tables */
 state->next = state->codes;
 state->lencode = (code const FAR *)(state->next);
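Review bot: The added `if (state->mode == BAD) break;` ahead of the `/* build code tables */` step has no comment saying why the mode is re-checked at this point, and the same applies to the identical hunk in lib/libz/inflate.c. Presumably the decoding loop that closes just above sets BAD and breaks out of only the inner loop, so without this guard the table build would run on an incomplete length array; that loop and the rest of the enclosing function lie outside the hunk, so this is inferred rather than visible. A one-line comment such as `/* an error break above only leaves the inner loop; do not build tables from a bad stream */` would keep the guard from being dropped later as redundant. The diffstat shows only the two source files, so a regression input (a malformed stream that must yield an error return from both the inflate and inflateBack paths) would be worth adding with the fix.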