[arch-commits] Commit in unzip/trunk (PKGBUILD cve20149636.patch overflow-fsize.patch)

Gaetan Bisson bisson at archlinux.org
Sun Mar 15 04:53:48 UTC 2015 

    Date: Sunday, March 15, 2015 @ 05:53:48
  Author: bisson
Revision: 233850

fix FS#44171

Added:
  unzip/trunk/cve20149636.patch
  unzip/trunk/overflow-fsize.patch
Modified:
  unzip/trunk/PKGBUILD

----------------------+
 PKGBUILD             |    8 +++++++-
 cve20149636.patch    |   25 +++++++++++++++++++++++++
 overflow-fsize.patch |   34 ++++++++++++++++++++++++++++++++++
 3 files changed, 66 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-03-15 04:40:57 UTC (rev 233849)
+++ PKGBUILD	2015-03-15 04:53:48 UTC (rev 233850)
@@ -6,7 +6,7 @@
 pkgname=unzip
 pkgver=6.0
 _pkgver=${pkgver/./}
-pkgrel=9
+pkgrel=10
 pkgdesc='For extracting and viewing files in .zip archives'
 url='http://www.info-zip.org/UnZip.html'
 arch=('i686' 'x86_64')
@@ -13,10 +13,14 @@
 license=('custom')
 depends=('bzip2' 'bash')
 source=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz"
+        'overflow-fsize.patch'
+        'cve20149636.patch'
         'test_compr_eb.patch'
         'getZip64Data.patch'
         'crc32.patch')
 sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22'
+          '2852ce1a9db8d646516f8828436a44d34785a0b3'
+          'e8c0bc17c63eeed97ad62b86845d75c849bcf4f8'
           '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824'
           '691d0751bf0bc98cf9f9889dee39baccabefdc4d'
           '82c9fe9172779a0ee92a187d544e74e8f512b013')
@@ -24,6 +28,8 @@
 prepare() {
 	cd "${srcdir}/${pkgname}${_pkgver}"
 	sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile
+	patch -p1 -i ../overflow-fsize.patch #FS#44171
+	patch -p1 -i ../cve20149636.patch #FS#44171
 	patch -i ../test_compr_eb.patch # FS#43391
 	patch -i ../getZip64Data.patch # FS#43300
 	patch -i ../crc32.patch # FS#43300

Added: cve20149636.patch
===================================================================
--- cve20149636.patch	                        (rev 0)
+++ cve20149636.patch	2015-03-15 04:53:48 UTC (rev 233850)
@@ -0,0 +1,25 @@
+diff --git a/extract.c b/extract.c
+index a0a4929..9ef80b3 100644
+--- a/extract.c
++++ b/extract.c
+@@ -2214,6 +2214,7 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata)
+     ulg eb_ucsize;
+     uch *eb_ucptr;
+     int r;
++    ush method;
+ 
+     if (compr_offset < 4)                /* field is not compressed: */
+         return PK_OK;                    /* do nothing and signal OK */
+@@ -2223,6 +2224,12 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata)
+          eb_size <= (compr_offset + EB_CMPRHEADLEN)))
+         return IZ_EF_TRUNC;               /* no compressed data! */
+ 
++    method = makeword(eb + (EB_HEADSIZE + compr_offset));
++    if ((method == STORED) && (eb_size != compr_offset + EB_CMPRHEADLEN + eb_ucsize))
++        return PK_ERR;            /* compressed & uncompressed
++                                   * should match in STORED
++                                   * method */
++
+     if (
+ #ifdef INT_16BIT
+         (((ulg)(extent)eb_ucsize) != eb_ucsize) ||

Added: overflow-fsize.patch
===================================================================
--- overflow-fsize.patch	                        (rev 0)
+++ overflow-fsize.patch	2015-03-15 04:53:48 UTC (rev 233850)
@@ -0,0 +1,34 @@
+t a/list.c b/list.c
+index f7359c3..4c3d703 100644
+--- a/list.c
++++ b/list.c
+@@ -97,7 +97,7 @@ int list_files(__G)    /* return PK-type error code */
+ {
+     int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL;
+ #ifndef WINDLL
+-    char sgn, cfactorstr[10];
++    char sgn, cfactorstr[13];
+     int longhdr=(uO.vflag>1);
+ #endif
+     int date_format;
+@@ -339,7 +339,19 @@ int list_files(__G)    /* return PK-type error code */
+                 G.crec.compression_method == ENHDEFLATED) {
+                 methbuf[5] = dtype[(G.crec.general_purpose_bit_flag>>1) & 3];
+             } else if (methnum >= NUM_METHODS) {
+-                sprintf(&methbuf[4], "%03u", G.crec.compression_method);
++                /* 2013-02-26 SMS.
++                 * http://sourceforge.net/tracker/?func=detail
++                 *  &aid=2861648&group_id=118012&atid=679786
++                 * Unexpectedly large compression methods overflow
++                 * &methbuf[].  Use the old, three-digit decimal format
++                 * for values which fit.  Otherwise, sacrifice the
++                 * colon, and use four-digit hexadecimal.
++                 */
++                if (G.crec.compression_method <= 999) {
++                    sprintf( &methbuf[ 4], "%03u", G.crec.compression_method);
++                } else {
++                    sprintf( &methbuf[ 3], "%04X", G.crec.compression_method);
++                }
+             }
+ 
+ #if 0       /* GRR/Euro:  add this? */

More information about the arch-commits mailing list