author | Lijo George<lijo.x.george@oracle.com> |
Tue, 18 Apr 2017 03:03:20 -0700 | |
branch | s11u3-sru |
changeset 7891 | 95cc369493f9 |
parent 7595 | a454f5e35b4c |
permissions | -rw-r--r-- |
7595
a454f5e35b4c
25208625 problem in UTILITY/ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
Patch based on http://seclists.org/oss-sec/2016/q4/600 |
The community plans to fix this security vulnerability in a future |
release, so we will not pass this patch to the community. |
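--- a/unzip60/zipinfo.c
+++ b/unzip60/zipinfo.c
@@ -1987,7 +1987,18 @@
 ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3);
 methbuf[3] = dtype[dnum];
 } else if (methnum >= NUM_METHODS) { /* unknown */
- sprintf(&methbuf[1], "%03u", G.crec.compression_method);
+ /* 2016-12-05 SMS.
+ * https://launchpad.net/bugs/1643750
+ * Unexpectedly large compression methods overflow
+ * &methbuf[]. Use the old, three-digit decimal format
+ * for values which fit. Otherwise, sacrifice the "u",
+ * and use four-digit hexadecimal.
+ */
+ if (G.crec.compression_method <= 999) {
+ sprintf(&methbuf[1], "%03u", G.crec.compression_method);
+ } else {
+ sprintf(&methbuf[0], "%04X", G.crec.compression_method);
+ }
 }
 
 for (k = 0; k < 15; ++k)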
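Review bot: Both new `sprintf` calls are still unbounded, so the fix holds only if `methbuf` has room for five bytes and `G.crec.compression_method` never exceeds 0xFFFF; neither the buffer's declaration nor the field's type is visible in this hunk. If that field is wider than 16 bits on some build, `%04X` prints more than four digits and the overflow returns through the `else` branch. Masking makes the bound explicit, `sprintf(&methbuf[0], "%04X", (unsigned)(G.crec.compression_method & 0xFFFF));`, or, if `methbuf` is a local array and the toolchain provides it, `snprintf(methbuf, sizeof methbuf, ...)` enforces it directly. A comment at the declaration stating that `methbuf` must hold four characters plus the terminator would keep later edits from breaking the invariant. The enclosing function starts and ends outside the hunk.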