On Wed, Apr 03, 2024 at 03:35:07PM +0000, Lu ChenHao wrote: > As CVE-2011-2895<https://nvd.nist.gov/vuln/detail/CVE-2011-2895> said, the > LZW decompressor is vulnerable to an infinite loop or a heap-based buffer > overflow. As a mitigation, freebsd has added checks in > zopen.c<https://github.com/evadot/freebsd/commit/a06534c3c2587eca911a202d556fa656694f021>. > But there seems to be no checks in openbsd's > zopen.c<https://github.com/openbsd/src/blob/master/usr.bin/compress/zopen.c#L463>. > Since this is an old CVE, just wondering whether openbsd is vulnerable to > it, or it has been fixed by another way in openbsd. > [https://opengraph.githubassets.com/6deefd04d5f9f6e2baa404fec35c127503d661110a01bf55450d94f945341885/openbsd/src]<https://github.com/openbsd/src/blob/master/usr.bin/compress/zopen.c#L463> > src/usr.bin/compress/zopen.c at master ?? > openbsd/src<https://github.com/openbsd/src/blob/master/usr.bin/compress/zopen.c#L463> > Read-only git conversion of OpenBSD's official CVS src repository. Pull > requests not accepted - send diffs to the tech@ mailing list. - openbsd/src > github.com >
According to https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2895 it was fixed in OpenBSD here http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17 Fixes look different in FreeBSD, NetBSD, OpenBSD. I have not checked whether they are equivalent. bluhm
