Tree - rpms/unzip - CentOS Git server

rpms / unzip

Blame SOURCES/0001-Fix-CVE-2016-9844-rhbz-1404283.patch

Blob History Raw

		623fdc	`From 754137e70cf58a64ad524b704a86b651ba0cde07 Mon Sep 17 00:00:00 2001`
		623fdc	`From: Petr Stodulka <pstodulk@redhat.com>`
		623fdc	`Date: Wed, 14 Dec 2016 16:30:36 +0100`
		623fdc	`Subject: [PATCH] Fix CVE-2016-9844 (rhbz#1404283)`
		623fdc
		623fdc	`Fixes buffer overflow in zipinfo in similar way like fix for`
		623fdc	`CVE-2014-9913 provided by upstream.`
		623fdc	`---`
		623fdc	`zipinfo.c \| 14 +++++++++++++-`
		623fdc	`1 file changed, 13 insertions(+), 1 deletion(-)`
		623fdc
		623fdc	`diff --git a/zipinfo.c b/zipinfo.c`
		623fdc	`index c03620e..accca2a 100644`
		623fdc	`--- a/zipinfo.c`
		623fdc	`+++ b/zipinfo.c`
		623fdc	`@@ -1984,7 +1984,19 @@ static int zi_short(__G) /* return PK-type error code */`
		623fdc	`ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3);`
		623fdc	`methbuf[3] = dtype[dnum];`
		623fdc	`} else if (methnum >= NUM_METHODS) { /* unknown */`
		623fdc	`- sprintf(&methbuf[1], "%03u", G.crec.compression_method);`
		623fdc	`+ /* 2016-12-05 SMS.`
		623fdc	`+ * https://launchpad.net/bugs/1643750`
		623fdc	`+ * Unexpectedly large compression methods overflow`
		623fdc	`+ * &methbuf[]. Use the old, three-digit decimal format`
		623fdc	`+ * for values which fit. Otherwise, sacrifice the "u",`
		623fdc	`+ * and use four-digit hexadecimal.`
		623fdc	`+ */`
		623fdc	`+ if (G.crec.compression_method <= 999) {`
		623fdc	`+ sprintf( &methbuf[ 1], "%03u", G.crec.compression_method);`
		623fdc	`+ } else {`
		623fdc	`+ sprintf( &methbuf[ 0], "%04X", G.crec.compression_method);`
		623fdc	`+ }`
		623fdc	`+`
		623fdc	`}`
		623fdc
		623fdc	`for (k = 0; k < 15; ++k)`
		623fdc	`--`
		623fdc	`2.5.5`
		623fdc

rpms / unzip

Source Code

Blame SOURCES/0001-Fix-CVE-2016-9844-rhbz-1404283.patch