GitList

Browse code

unzip : Fix CVE-2018-1000035

Change-Id: I165f0d5eba205379302ca29e3193f3bbcef1813c
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5211
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George

Xiaolin Li authored on 2018/05/30 09:06:26
Showing 2 changed files

SPECS/unzip/unzip-CVE-2018-1000035.patch index 0000000..af8ea03
SPECS/unzip/unzip.spec index b6238a6..4fbcc1c 100644

SPECS/unzip/unzip-CVE-2018-1000035.patch

History View file @ 78a46b0

                     new file mode 100644
@@ -0,0 +1,30 @@
                     +diff --git a/fileio.c b/fileio.c
                     +index a001dd4..4eb7e29 100644
                     +--- a/fileio.c
                     +@@ -1580,7 +1580,8 @@ int UZ_EXP UzpPassword (pG, rcnt, pwbuf, size, zfn, efn)
                     +     int r = IZ_PW_ENTERED;
                     +     char *m;
                     +     char *prompt;
                     +-
                     ++    char *ep;
                     ++    char *zp;
                     + #ifndef REENTRANT
                     +     /* tell picky compilers to shut up about "unused variable" warnings */
                     +     pG = pG;
                     +@@ -1588,9 +1589,12 @@ int UZ_EXP UzpPassword (pG, rcnt, pwbuf, size, zfn, efn)
+                    +
                     +     if (*rcnt == 0) {           /* First call for current entry */
                     +         *rcnt = 2;
                     +-        if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
                     +-            sprintf(prompt, LoadFarString(PasswPrompt),
                     +-                    FnFilter1(zfn), FnFilter2(efn));
                     ++        zp = FnFilter1( zfn);
                     ++        ep = FnFilter2( efn);
                     ++        prompt = (char *)malloc(    /* Slightly too long (2* "%s"). */
                     ++         sizeof( PasswPrompt)+ strlen( zp)+ strlen( ep));
                     ++        if (prompt != (char *)NULL) {
                     ++            sprintf(prompt, LoadFarString(PasswPrompt), zp, ep);
                     +             m = prompt;
                     +         } else
                     +             m = (char *)LoadFarString(PasswPrompt2);

SPECS/unzip/unzip.spec

History View file @ 78a46b0

@@ -1,7 +1,7 @@
                      Summary:        Unzip-6.0
                      Name:           unzip
                      Version:        6.0
                     -Release:        10%{?dist}
                     +Release:        11%{?dist}
                      License:        BSD
                      URL:            http://www.gnu.org/software/%{name}
                      Source0:        http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@@ -15,6 +15,7 @@ Patch1:         cve-2015-1315.patch
                      Patch2:         CVE-2015-7696-CVE-2015-7697.patch
                      Patch3:         unzip-CVE-2014-9844.patch
                      Patch4:         unzip-CVE-2014-9913.patch
                     +Patch5:         unzip-CVE-2018-1000035.patch
                      %description
                      The UnZip package contains ZIP extraction utilities. These are useful
@@ -28,6 +29,7 @@ with PKZIP or Info-ZIP utilities, primarily in a DOS environment.
                      %patch2 -p1
                      %patch3 -p1
                      %patch4 -p1
                     +%patch5 -p1
                      %build
                      case `uname -m` in
@@ -61,6 +63,8 @@ make %{?_smp_mflags}  check
                      %{_bindir}/*
                      %changelog
                     +*   Tue May 29 2018 Xiaolin Li <xiaolinl@vmware.com> 6.0-11
                     +-   Fix CVE-2018-1000035
                      *   Thu Nov 02 2017 Xiaolin Li <xiaolinl@vmware.com> 6.0-10
                      -   Fix CVE-2014-9844, CVE-2014-9913
                      *   Tue Apr 25 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 6.0-9