unzip: patch CVE-2018-1000035 and add PKG_CPE_IDE
authorJan Pavlinec <jan.pavlinec@nic.cz>
Sat, 12 Jan 2019 20:25:37 +0000 (21:25 +0100)
committerYousong Zhou <yszhou4tech@gmail.com>
Tue, 15 Jan 2019 12:35:52 +0000 (20:35 +0800)
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
utils/unzip/Makefile
utils/unzip/patches/011-CVE-2018-1000035-overflow-password-protect.patch [new file with mode: 0644]

index fd8f74b7c34b7841d94fda04ab74ec5b5e84e2b8..25b42e1e4b403c9b7d3de08cd188a6fcedf33df6 100644 (file)
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=unzip
 PKG_REV:=60
 PKG_VERSION:=6.0
-PKG_RELEASE:=6
+PKG_RELEASE:=7
 
 PKG_SOURCE:=$(PKG_NAME)$(PKG_REV).tar.gz
 PKG_SOURCE_URL:=@SF/infozip
@@ -19,6 +19,7 @@ PKG_MAINTAINER:=Álvaro Fernández Rojas <noltari@gmail.com>
 
 PKG_LICENSE:=BSD-4-Clause
 PKG_LICENSE_FILES:=LICENSE
+ PKG_CPE_ID:=cpe:/a:unzip:unzip
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)/unzip$(PKG_REV)
 PKG_CHECK_FORMAT_SECURITY:=0
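Review bot: The assignment added in the second hunk carries a leading blank (`+ PKG_CPE_ID:=...`) that none of the neighbouring assignments have; GNU make ignores leading blanks before a variable assignment, so it works, but it should be written flush-left as `PKG_CPE_ID:=cpe:/a:unzip:unzip` to match PKG_LICENSE and PKG_LICENSE_FILES directly above it. Placing the CPE id in the same commit as the CVE patch is the right call, since it is what lets downstream vulnerability scanners match this package against advisories.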
diff --git a/utils/unzip/patches/011-CVE-2018-1000035-overflow-password-protect.patch b/utils/unzip/patches/011-CVE-2018-1000035-overflow-password-protect.patch
new file mode 100644 (file)
index 0000000..e1fdcf5
--- /dev/null
@@ -0,0 +1,34 @@
+--- a/fileio.c
++++ b/fileio.c
+@@ -1,5 +1,5 @@
+ /*
+-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
++  Copyright (c) 1990-2017 Info-ZIP.  All rights reserved.
+
+   See the accompanying file LICENSE, version 2009-Jan-02 or later
+   (the contents of which are also included in unzip.h) for terms of use.
+@@ -1582,6 +1582,8 @@
+     int r = IZ_PW_ENTERED;
+     char *m;
+     char *prompt;
++    char *ep;
++    char *zp;
+
+ #ifndef REENTRANT
+     /* tell picky compilers to shut up about "unused variable" warnings */
+@@ -1590,9 +1592,12 @@
+
+     if (*rcnt == 0) {           /* First call for current entry */
+         *rcnt = 2;
+-        if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
+-            sprintf(prompt, LoadFarString(PasswPrompt),
+-                    FnFilter1(zfn), FnFilter2(efn));
++        zp = FnFilter1( zfn);
++        ep = FnFilter2( efn);
++        prompt = (char *)malloc(        /* Slightly too long (2* "%s"). */
++         sizeof( PasswPrompt)+ strlen( zp)+ strlen( ep));
++        if (prompt != (char *)NULL) {
++            sprintf(prompt, LoadFarString(PasswPrompt), zp, ep);
+             m = prompt;
+         } else
+             m = (char *)LoadFarString(PasswPrompt2);
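Review bot: The new patch file begins directly at `--- a/fileio.c` with no header saying what it fixes or where it was taken from, so a maintainer rebasing the package later cannot tell whether this is the upstream Info-ZIP fix or a local backport. Add a short description above the first `---` line naming CVE-2018-1000035, summarising the change (the fixed `malloc(2*FILNAMSIZ + 15)` for the password prompt is replaced by a size derived from `sizeof(PasswPrompt)` plus the lengths of the two filtered names, so over-long names presumably can no longer overrun the prompt buffer), and an `Origin: <UPSTREAM-REFERENCE>` line filled in from wherever the patch was obtained. The computed bound looks sufficient as written, since `sizeof(PasswPrompt)` already counts the two `%s` placeholders and the terminator, which is what the in-line "Slightly too long" comment refers to. The enclosing function starts and ends outside this hunk, so the copyright-year hunk and the declarations of `ep`/`zp` are the only other visible parts of it.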