https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109428

--- Comment #4 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
(In reply to chluo from comment #2)
> Thank you for your quick update! The commit might just list one approach to
> exploit the bug in **inflate()** function. I am not sure if there are other
> ways to reach there, but the buggy code is definitely a hazard.
> Anyway, it is good to align with the patched version of the upstream zlib code.
> It would not take effort, since the patch is very easy to apply and verify.

Also, the only way to hit the bug is if state->head is non-null. The only place
which sets state->head to non-null is inflateGetHeader, since state is an
opaque object outside of zlib even. So if someone modifies the state from
outside of zlib, then there might be other issues.

Anyway, GCC does not modify state, nor does it call inflateGetHeader, so it would
not hit this bug.
