diff options
| author | delphij <delphij@FreeBSD.org> | 2015-02-04 06:37:45 +0800 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2015-02-04 06:37:45 +0800 |
| commit | b63ae222d941cfd645cfb85d0444d1f411ec4d6b (patch) | |
| tree | 500f4568003688f6bf77f551a4b68f9a48af085e /archivers/unzip | |
| parent | 31d0903006cff08a5e1d555ddd1bbf71bd1f7802 (diff) | |
| download | freebsd-ports-gnome-b63ae222d941cfd645cfb85d0444d1f411ec4d6b.tar.gz freebsd-ports-gnome-b63ae222d941cfd645cfb85d0444d1f411ec4d6b.tar.zst freebsd-ports-gnome-b63ae222d941cfd645cfb85d0444d1f411ec4d6b.zip | |
Apply Debian patch for CVE-2014-9636 which fixes out of
boundary access issue in test_compr_eb.
PR: ports/197300
Submitted by: Robert Simmons <rsimmons0 gmail com>
Approved by: so
Security: e543c6f8-abf2-11e4-8ac7-d050992ecde8
MFH: 2015Q1
Diffstat (limited to 'archivers/unzip')
| -rw-r--r-- | archivers/unzip/Makefile | 2 | ||||
| -rw-r--r-- | archivers/unzip/files/patch-extract.c | 23 |
2 files changed, 18 insertions, 7 deletions
diff --git a/archivers/unzip/Makefile b/archivers/unzip/Makefile index 7ec1e005fa07..6bd21e4f373d 100644 --- a/archivers/unzip/Makefile +++ b/archivers/unzip/Makefile @@ -3,7 +3,7 @@ PORTNAME= unzip PORTVERSION= 6.0 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= archivers MASTER_SITES= SF/infozip/UnZip%206.x%20%28latest%29/UnZip%20${PORTVERSION}/:main \ SF/infozip/UnZip%205.x%20and%20earlier/5.51/:unreduce diff --git a/archivers/unzip/files/patch-extract.c b/archivers/unzip/files/patch-extract.c index 7b9645e85a5f..dea0b3254379 100644 --- a/archivers/unzip/files/patch-extract.c +++ b/archivers/unzip/files/patch-extract.c @@ -1,5 +1,5 @@ ---- extract.c.orig 2015-01-16 10:05:03.994866726 +0100 -+++ extract.c 2015-01-16 09:57:31.606898193 +0100 +--- extract.c.orig 2009-03-14 01:32:52 UTC ++++ extract.c @@ -1,5 +1,5 @@ /* - Copyright (c) 1990-2009 Info-ZIP. All rights reserved. @@ -7,7 +7,7 @@ See the accompanying file LICENSE, version 2009-Jan-02 or later (the contents of which are also included in unzip.h) for terms of use. -@@ -298,6 +298,8 @@ +@@ -298,6 +298,8 @@ char ZCONST Far TruncNTSD[] = #ifndef SFX static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; @@ -16,7 +16,7 @@ static ZCONST char Far InvalidComprDataEAs[] = " invalid compressed data for EAs\n"; # if (defined(WIN32) && defined(NTSD_EAS)) -@@ -2023,7 +2025,8 @@ +@@ -2023,7 +2025,8 @@ static int TestExtraField(__G__ ef, ef_l ebID = makeword(ef); ebLen = (unsigned)makeword(ef+EB_LEN); @@ -26,7 +26,7 @@ /* Discovered some extra field inconsistency! */ if (uO.qflag) Info(slide, 1, ((char *)slide, "%-22s ", -@@ -2032,6 +2035,16 @@ +@@ -2032,6 +2035,16 @@ static int TestExtraField(__G__ ef, ef_l ebLen, (ef_len - EB_HEADSIZE))); return PK_ERR; } @@ -43,7 +43,12 @@ switch (ebID) { case EF_OS2: -@@ -2221,10 +2234,17 @@ +@@ -2217,14 +2230,28 @@ static int test_compr_eb(__G__ eb, eb_si + ulg eb_ucsize; + uch *eb_ucptr; + int r; ++ ush method; + if (compr_offset < 4) /* field is not compressed: */ return PK_OK; /* do nothing and signal OK */ @@ -61,6 +66,12 @@ + ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) || + ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN)))) + return IZ_EF_TRUNC; /* no/bad compressed data! */ ++ ++ method = makeword(eb + (EB_HEADSIZE + compr_offset)); ++ if ((method == STORED) && (eb_size - compr_offset != eb_ucsize)) ++ return PK_ERR; /* compressed & uncompressed ++ * should match in STORED ++ * method */ if ( #ifdef INT_16BIT |