TakeV/guix
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
guix/gnu/packages/patches/unzip-valgrind.patch
Léo Le Bouter 31d289a475
gnu: unzip: Add patches from Fedora [security fixes]. 
Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.

* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
2021-03-14 06:11:20 +01:00

27 lines
1.1 KiB
Diff
Raw Blame History

diff --git a/fileio.c b/fileio.c
index ba0a1d0..03fc4be 100644
--- a/fileio.c
+++ b/fileio.c
@@ -2006,6 +2006,7 @@ int do_string(__G__ length, option) /* return PK-type error code */
unsigned comment_bytes_left;
unsigned int block_len;
int error=PK_OK;
+ unsigned int length2;
#ifdef AMIGA
char tmp_fnote[2 * AMIGA_FILENOTELEN]; /* extra room for squozen chars */
#endif
@@ -2292,8 +2293,12 @@ int do_string(__G__ length, option) /* return PK-type error code */
seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes +
(G.inptr-G.inbuf) + length);
} else {
- if (readbuf(__G__ (char *)G.extra_field, length) == 0)
+ if ((length2 = readbuf(__G__ (char *)G.extra_field, length)) == 0)
return PK_EOF;
+ if(length2 < length) {
+ memset (__G__ (char *)G.extra_field+length2, 0 , length-length2);
+ length = length2;
+ }
/* Looks like here is where extra fields are read */
getZip64Data(__G__ G.extra_field, length);
#ifdef UNICODE_SUPPORT
Reference in a new issue View git blame Copy permalink