From c794701885d35317ee79d1c59d414eb3f7d53d70 Mon Sep 17 00:00:00 2001 From: "Ryan C. Gordon" Date: Wed, 13 Jul 2005 15:10:00 +0000 Subject: [PATCH] Patched zlib security hole discussed here: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 --- CHANGELOG | 3 ++- zlib122/inftrees.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index ad904604..0be757ba 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,7 +2,8 @@ * CHANGELOG. */ -07132005 - Updated zlib to 1.2.2. +07132005 - Updated zlib to 1.2.2, and patched it for this security hole: + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 06122005 - Added support for mingw to Unix build process (thanks, Matze!). 03162005 - Added missing translation and Portuguese support (thanks, Danny!). MPW support and several MacOS Classic fixes (thanks, Chris!). diff --git a/zlib122/inftrees.c b/zlib122/inftrees.c index 8a896b28..509461d9 100644 --- a/zlib122/inftrees.c +++ b/zlib122/inftrees.c @@ -134,7 +134,7 @@ unsigned short FAR *work; left -= count[len]; if (left < 0) return -1; /* over-subscribed */ } - if (left > 0 && (type == CODES || (codes - count[0] != 1))) + if (left > 0 && (type == CODES || max != 1)) return -1; /* incomplete set */ /* generate offsets into symbol table for each length for sorting */
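Review bot: In the CHANGELOG hunk, the new 07132005 entry identifies the fix only by a URL. Consider writing the identifier CAN-2005-2096 in plain text and naming the file that was touched (zlib122/inftrees.c), so the entry still says what was patched if the link stops resolving, and so a later update of the bundled zlib does not silently drop this local change.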
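Review bot: In the zlib122/inftrees.c hunk, the changed condition `if (left > 0 && (type == CODES || max != 1))` carries no comment explaining why an incomplete set is tolerated only when max is 1; the trailing `/* incomplete set */` does not cover it. The old test `codes - count[0] != 1` counted the symbols with a nonzero length, while the new one tests `max`, whose assignment is not visible in this hunk. Assuming max is the longest code length in use, as the name suggests, an incomplete set made of a single code longer than one bit satisfied the old test and is now rejected with -1. A one-line comment stating that, plus a check that max is always set before this line is reached, would make the security intent clear to whoever next updates the bundled zlib.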