mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-29 07:42:23 -05:00
5400fdfd5d
* gnu/packages/compression.scm (lrzip)[source]: Add patch. * gnu/packages/patches/lrzip-CVE-2017-8842.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
23 lines
727 B
Diff
23 lines
727 B
Diff
From 38386bd482c0a8102a79958cb3eddcb97a167ca3 Mon Sep 17 00:00:00 2001
|
|
From: Con Kolivas <kernel@kolivas.org>
|
|
Date: Fri, 9 Mar 2018 17:39:40 +1100
|
|
Subject: [PATCH] CVE-2017-8842 Fix divide-by-zero in bufRead::get
|
|
|
|
---
|
|
libzpaq/libzpaq.h | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libzpaq/libzpaq.h b/libzpaq/libzpaq.h
|
|
index 93387da..cbe211d 100644
|
|
--- a/libzpaq/libzpaq.h
|
|
+++ b/libzpaq/libzpaq.h
|
|
@@ -465,7 +465,8 @@ struct bufRead: public libzpaq::Reader {
|
|
|
|
int get() {
|
|
if (progress && !(*s_len % 128)) {
|
|
- int pct = (total_len - *s_len) * 100 / total_len;
|
|
+ int pct = (total_len > 0) ?
|
|
+ (total_len - *s_len) * 100 / total_len : 100;
|
|
|
|
if (pct / 10 != *last_pct / 10) {
|
|
int i;
|