mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-26 06:18:07 -05:00
0c5a8007fe
* gnu/packages/patches/zziplib-CVE-2017-5974.patch, gnu/packages/patches/zziplib-CVE-2017-5975.patch, gnu/packages/patches/zziplib-CVE-2017-5976.patch, gnu/packages/patches/zziplib-CVE-2017-5978.patch, gnu/packages/patches/zziplib-CVE-2017-5979.patch, gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/zip.scm (zziplib)[source]: Use them.
28 lines
1.2 KiB
Diff
28 lines
1.2 KiB
Diff
Fix CVE-2017-5974:
|
|
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5974
|
|
|
|
Patch copied from Debian.
|
|
|
|
Index: zziplib-0.13.62/zzip/memdisk.c
|
|
===================================================================
|
|
--- zziplib-0.13.62.orig/zzip/memdisk.c
|
|
+++ zziplib-0.13.62/zzip/memdisk.c
|
|
@@ -216,12 +216,12 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
|
|
/* override sizes/offsets with zip64 values for largefile support */
|
|
zzip_extra_zip64 *block = (zzip_extra_zip64 *)
|
|
zzip_mem_entry_extra_block(item, ZZIP_EXTRA_zip64);
|
|
- if (block)
|
|
+ if (block && ZZIP_GET16(block->z_datasize) >= (8 + 8 + 8 + 4))
|
|
{
|
|
- item->zz_usize = __zzip_get64(block->z_usize);
|
|
- item->zz_csize = __zzip_get64(block->z_csize);
|
|
- item->zz_offset = __zzip_get64(block->z_offset);
|
|
- item->zz_diskstart = __zzip_get32(block->z_diskstart);
|
|
+ item->zz_usize = ZZIP_GET64(block->z_usize);
|
|
+ item->zz_csize = ZZIP_GET64(block->z_csize);
|
|
+ item->zz_offset = ZZIP_GET64(block->z_offset);
|
|
+ item->zz_diskstart = ZZIP_GET32(block->z_diskstart);
|
|
}
|
|
}
|
|
/* NOTE:
|