File gzip-CVE-2010-0001.diff of Package gzip

* unlzw.c (unlzw): Avoid integer overflow.
Aki Helin reported the segfault along with an input to trigger the bug.
--- a/unlzw.c	2006-12-11 18:54:39.000000000 +0000
+++ b/unlzw.c	2010-01-14 16:52:56.000000000 +0000
@@ -248,7 +248,8 @@
 	int  o;
 
     resetbuf:
-	e = insize-(o = (posbits>>3));
+        o = posbits >> 3;
+        e = o <= insize ? insize - o : 0;
 
 	for (i = 0 ; i < e ; ++i) {
 	    inbuf[i] = inbuf[i+o];
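Review bot: The clamp added at `e = o <= insize ? insize - o : 0;` has no comment saying why `o` can exceed `insize`, and it compares `int o` with `insize`, whose declaration is outside the hunk. If `insize` is unsigned, a negative `o` would be converted to a large value and take the `0` branch; that is safe but not obvious to a reader, and a signed `insize` would behave differently. A comment such as `/* malformed input can advance posbits past the bytes in inbuf; clamp so e is never negative */` would record the intent. The two added lines are indented with spaces while the surrounding lines use tabs. The body of unlzw starts and ends outside the hunk, so whether a clamped `e == 0` is later handled as corrupt input cannot be judged from here.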