From 48e4a9f32f93c404b6fb4472164d8e00d12b2937 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 8 Oct 2015 10:01:02 -0400 Subject: gnu: unzip: Add various fixes. * gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch: Delete file. Replace with ... * gnu/packages/patches/unzip-overflow-long-fsize.patch: ... this new file. * gnu/packages/patches/unzip-attribs-overflow.patch, gnu/packages/patches/unzip-fix-overflows-and-infloop.patch, gnu/packages/patches/unzip-format-secure.patch: New files. * gnu/packages/patches/unzip-CVE-2014-9636.patch: Replace contents with fixed patch from Fedora. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/zip.scm (unzip)[source]: Adjust list of patches. --- gnu/packages/patches/unzip-attribs-overflow.patch | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 gnu/packages/patches/unzip-attribs-overflow.patch (limited to 'gnu/packages/patches/unzip-attribs-overflow.patch') diff --git a/gnu/packages/patches/unzip-attribs-overflow.patch b/gnu/packages/patches/unzip-attribs-overflow.patch new file mode 100644 index 0000000000..a24c31bb10 --- /dev/null +++ b/gnu/packages/patches/unzip-attribs-overflow.patch @@ -0,0 +1,16 @@ +Copied from Fedora. + +http://pkgs.fedoraproject.org/cgit/unzip.git/plain/unzip-6.0-attribs-overflow.patch?id=d18f821e + +diff -up unzip60/zipinfo.c.attribs-overflow unzip60/zipinfo.c +--- unzip60/zipinfo.c.attribs-overflow 2009-11-30 09:55:39.000000000 +0100 ++++ unzip60/zipinfo.c 2009-11-30 09:56:42.844263244 +0100 +@@ -1881,7 +1881,7 @@ static int zi_short(__G) /* return PK- + #endif + int k, error, error_in_archive=PK_COOL; + unsigned hostnum, hostver, methid, methnum, xattr; +- char *p, workspace[12], attribs[16]; ++ char *p, workspace[12], attribs[17]; + char methbuf[5]; + static ZCONST char dtype[5]="NXFS"; /* normal, maximum, fast, superfast */ + static ZCONST char Far os[NUM_HOSTS+1][4] = { -- cgit v1.2.3