Depends on your malloc() implementation. The thing that causes the bug
to appear is an input stream constructed *just* *so*, and that *is*
platform independent as the inflate input stream is the same regardless
of platform. Bad things happen when malloc()/free() from libc is also
faulty or fails in a certain way upon a double free. The best you can
hope for is a segv, still a downer for the user. 

Most libc's are related - I wouldn't be surprised if MacOS X's malloc is
related to BSD or gnu's libc. But it also depends on your compiler - if
Metrowerks have a compiler suite for MacOS X that's not the heavily
modified gcc that Apple supply, then that could be a dependency. 

Suffice to say, it's simpler to re-link with zlib 1.1.4 than to figure
out if you're actually vulnerable to the input stream. 

Andrew

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Adrian Umpleby
Sent: Thursday, 14 March 2002 8:14 PM
To: [EMAIL PROTECTED]
Subject: Re: VNC zlib Advisory draft 1

>The next version of VNCThing (2.3) will be linked with zlib 1.1.4: should be
>available fairly soon.

Thanks for the info!

(Does that mean v2.2 is potentially vulnerable?)

Adrian
---------------------------------------------------------------------
To unsubscribe, mail [EMAIL PROTECTED] with the line:
'unsubscribe vnc-list' in the message BODY
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
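
An added example, not part of the thread: rather than reasoning about malloc() behaviour, one way to find out which zlib a binary was linked with is to look for the version banners zlib compiles into every build (the `inflate_copyright` and `deflate_copyright` strings). The sketch assumes the file is not packed or compressed; the function names and the sample byte strings are constructed for illustration.

```python
import re

# zlib embeds these banners (inflate_copyright / deflate_copyright) in its
# object code, so a statically linked copy shows up as a plain byte string.
ZLIB_BANNER = re.compile(rb"(inflate|deflate) (\d+(?:\.\d+){1,3}) Copyright")
FIXED = (1, 1, 4)  # the release the thread says to re-link against


def parse_version(text):
    """'1.1.3' -> (1, 1, 3), padded to at least three parts for comparison."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def embedded_zlib_versions(blob):
    """Return the sorted, de-duplicated zlib versions whose banners appear in blob."""
    found = {parse_version(m.group(2).decode()) for m in ZLIB_BANNER.finditer(blob)}
    return sorted(found)


def needs_relink(blob):
    """True if any embedded zlib predates 1.1.4, False if all are fixed,
    None if no banner was found (dynamically linked, or no zlib at all)."""
    versions = embedded_zlib_versions(blob)
    if not versions:
        return None
    return any(v < FIXED for v in versions)


def scan_file(path):
    """Apply needs_relink() to a file on disk."""
    with open(path, "rb") as fh:
        return needs_relink(fh.read())


# Constructed sample images (not real binaries) standing in for two builds.
OLD_BUILD = b"\x7fELF\x00junk\x00 inflate 1.1.3 Copyright 1995-1998 Mark Adler \x00more"
NEW_BUILD = b"\x7fELF\x00 deflate 1.1.4 Copyright 1995-2002 Jean-loup Gailly \x00"

if __name__ == "__main__":
    import sys
    labels = {True: "re-link with zlib 1.1.4", False: "ok", None: "no zlib banner"}
    for path in sys.argv[1:]:
        print(path, labels[scan_file(path)])
```

A `None` result for a dynamically linked program means the shared zlib library itself is the file to scan.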