• d-bugmail puremagic.com (21/21) Aug 08 2022 https://issues.dlang.org/show_bug.cgi?id=23288

d-bugmail puremagic.com writes:

https://issues.dlang.org/show_bug.cgi?id=23288

          Issue ID: 23288
           Summary: zlib: Fix potential buffer overflow
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: phobos
          Assignee: nobody puremagic.com
          Reporter: bcallah openbsd.org

Hello --

There is a potential buffer overflow in Phobos's built-in zlib.

The fix is here:
https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1

However, that fix broke curl, which prompted a further fix:
https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d

I have a combined diff prepared.

--