Sisyphus repository
Last update: 1 october 2023 | SRPMs: 18631 | Visits: 37703729
en ru br
ALT Linux repos
S:6.0-alt5
5.0: 5.52-alt5
4.1: 5.52-alt5
4.0: 5.52-alt4.M40
+updates:5.52-alt4.M40
3.0: 5.52-alt1

Group :: Archiving/Compression
RPM: unzip

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR  Repocop 

Patch: CVE-2015-7697-part_from_opensuse.patch
Download

From: Kamil Dudka <kdudka@redhat.com>
Date: Mon, 14 Sep 2015 18:24:56 +0200
Subject: fix infinite loop when extracting empty bzip2 data
Bug-Debian: https://bugs.debian.org/802160
Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944
Origin: other, https://bugzilla.redhat.com/attachment.cgi?id=1073339
---
Index: unzip60/zipinfo.c
===================================================================
--- unzip60.orig/zipinfo.c
+++ unzip60/zipinfo.c
@@ -1888,7 +1888,7 @@ static int zi_short(__G)   /* return PK-
     int         k, error, error_in_archive=PK_COOL;
     unsigned    hostnum, hostver, methid, methnum, xattr;
     char        *p, workspace[12], attribs[17];
-    char        methbuf[5];
+    char        methbuf[1+5+1];	/* large enough to hold 1 character + an unsigned short + NUL */
     static ZCONST char dtype[5]="NXFS"; /* normal, maximum, fast, superfast */
     static ZCONST char Far os[NUM_HOSTS+1][4] = {
         "fat", "ami", "vms", "unx", "cms", "atr", "hpf", "mac", "zzz",








 






	design & coding: Vladimir Lettiev aka crux © 2004-2005,
	Andrew Avramenko aka liks © 2007-2008

	current maintainer: Michael Shigorin