Home Explore Help
Sign In
Parabola
/
abslibre
mirror of https://git.parabola.nu/abslibre.git
Watch 2
Star 0
Fork 0
Files Issues 0 Wiki
Tree: c4ee76a5b5
Branches Tags
abslibre
/
libre
/
unzip
/
nextbyte-overflow.patch

nextbyte-overflow.patch 1.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334 
  1. From: Petr Stodulka <pstodulk@redhat.com>
    2. 

  2. Date: Mon, 14 Sep 2015 18:23:17 +0200
    3. 

  3. Subject: Upstream fix for heap overflow
    4. 

  4. Bug-Debian: https://bugs.debian.org/802162
    5. 

  5. Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944
    6. 

  6. Origin: https://bugzilla.redhat.com/attachment.cgi?id=1073002
    7. 

  7. Forwarded: yes
    8. 

  8. 

  9. ---
    10. 

  10.  crypt.c | 12 +++++++++++-
    11. 

  11.  1 file changed, 11 insertions(+), 1 deletion(-)
    12. 

  12. 

  13. --- a/crypt.c
    14. 

  14. +++ b/crypt.c
    15. 

  15. @@ -465,7 +465,17 @@
    16. 

  16.      GLOBAL(pInfo->encrypted) = FALSE;
    17. 

  17.      defer_leftover_input(__G);
    18. 

  18.      for (n = 0; n < RAND_HEAD_LEN; n++) {
    19. 

  19. -        b = NEXTBYTE;
    20. 

  20. +        /* 2012-11-23 SMS.  (OUSPG report.)
    21. 

  21. +         * Quit early if compressed size < HEAD_LEN.  The resulting
    22. 

  22. +         * error message ("unable to get password") could be improved,
    23. 

  23. +         * but it's better than trying to read nonexistent data, and
    24. 

  24. +         * then continuing with a negative G.csize.  (See
    25. 

  25. +         * fileio.c:readbyte()).
    26. 

  26. +         */
    27. 

  27. +        if ((b = NEXTBYTE) == (ush)EOF)
    28. 

  28. +        {
    29. 

  29. +            return PK_ERR;
    30. 

  30. +        }
    31. 

  31.          h[n] = (uch)b;
    32. 

  32.          Trace((stdout, " (%02x)", h[n]));
    33. 

  33.      }
    34. 

  34.