Openwrt/packages
0
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-02-07 05:49:50 +00:00
Code
packages/utils/unzip/patches/005-CVE-2015-7696-heap-overflow.patch
Álvaro Fernández Rojas b88213b3a7 unzip: patch CVE-2015-7696, CVE-2015-7697 and integer underflow 
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2015-11-01 16:19:56 +01:00

22 lines
740 B
Diff
Raw Permalink Blame History

--- a/crypt.c
+++ b/crypt.c
@@ -465,7 +465,17 @@ int decrypt(__G__ passwrd)
GLOBAL(pInfo->encrypted) = FALSE;
defer_leftover_input(__G);
for (n = 0; n < RAND_HEAD_LEN; n++) {
- b = NEXTBYTE;
+ /* 2012-11-23 SMS. (OUSPG report.)
+ * Quit early if compressed size < HEAD_LEN. The resulting
+ * error message ("unable to get password") could be improved,
+ * but it's better than trying to read nonexistent data, and
+ * then continuing with a negative G.csize. (See
+ * fileio.c:readbyte()).
+ */
+ if ((b = NEXTBYTE) == (ush)EOF)
+ {
+ return PK_ERR;
+ }
h[n] = (uch)b;
Trace((stdout, " (%02x)", h[n]));
}
View Git Blame Copy Permalink