[24724] in bugtraq
Re: about zlib vulnerability - Microsoft products
daemon@ATHENA.MIT.EDU (Florian Weimer)
Mon Mar 18 21:21:11 2002
To: forrest@mibsoftware.com
Cc: bugtraq@securityfocus.com
From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>
Date: Sun, 17 Mar 2002 18:19:00 +0100
In-Reply-To: <200203160425.g2G4P77C022133@lima.epix.net> ("Forrest J
Cavalier III"'s message of "Fri, 15 Mar 2002 23:16:30 -0500")
Message-ID: <87y9gr6rjv.fsf@CERT.Uni-Stuttgart.DE>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
"Forrest J Cavalier III" <forrest@mibsoftware.com> writes:
> The following C program scans files for the cplens table (used for
> inflate.)
>
> I expect the code below is portable. It was tested on Windows.
>
> It might run faster than the perl script posted earlier. (I
> suppose it risks more false positives too.)
AFAIK, any "inflate" decompressor requires this table, so this program
detects such decompressors which store the table in a particular form,
not just zlib's implementation.
--
Florian Weimer Weimer@CERT.Uni-Stuttgart.DE
University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
