From 29bc097dd14d59d876e880621ee57a3c88dfc49e4113b520fc0aed32b6691451 Mon Sep 17 00:00:00 2001
From: Kristyna Streitova <kstreitova@suse.com>
Date: Tue, 5 Dec 2017 12:39:55 +0000
Subject: [PATCH] Accepting request 547224 from
 home:kstreitova:branches:Base:System

- add gzip-1.8-fix_unpack_EOB_check.patch to fix mishandling of
  leading zeros in the end-of-block code [bsc#1067891]

OBS-URL: https://build.opensuse.org/request/show/547224
OBS-URL: https://build.opensuse.org/package/show/Base:System/gzip?expand=0&rev=54
---
 gzip-1.8-fix_unpack_EOB_check.patch | 95 +++++++++++++++++++++++++++++
 gzip.changes                        |  6 ++
 gzip.spec                           |  6 ++
 3 files changed, 107 insertions(+)
 create mode 100644 gzip-1.8-fix_unpack_EOB_check.patch

diff --git a/gzip-1.8-fix_unpack_EOB_check.patch b/gzip-1.8-fix_unpack_EOB_check.patch
new file mode 100644
index 0000000..2ed8576
--- /dev/null
+++ b/gzip-1.8-fix_unpack_EOB_check.patch
@@ -0,0 +1,95 @@
+From 79f88bd1e54d6042fbe50c212f836920fa208e56 Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Mon, 16 Oct 2017 01:02:54 -0700
+Subject: gzip: fix bug in unpack EOB check
+
+Problem reported by Vidar Holen (Bug#28861).
+* NEWS: Mention fix.
+* tests/unpack-valid: New test.
+* tests/Makefile.am (TESTS): Add it.
+* unpack.c (build_tree): Report an error if Huffman tree has
+too few leaves.
+* unpack.c (unpack): Fix check for EOB.
+Remove now-unnecessary check for code out of range.
+---
+ tests/Makefile.am  |  1 +
+ tests/unpack-valid | 32 ++++++++++++++++++++++++++++++++
+ unpack.c           |  7 ++++---
+ 4 files changed, 40 insertions(+), 3 deletions(-)
+ create mode 100755 tests/unpack-valid
+
+Index: gzip-1.8/tests/unpack-valid
+===================================================================
+--- /dev/null
++++ gzip-1.8/tests/unpack-valid
+@@ -0,0 +1,32 @@
++#!/bin/sh
++# Test end-of-block check in unpack code
++
++# Copyright 2017 Free Software Foundation, Inc.
++
++# This program is free software: you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation, either version 3 of the License, or
++# (at your option) any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program.  If not, see <https://www.gnu.org/licenses/>.
++# limit so don't run it by default.
++
++. "${srcdir=.}/init.sh"; path_prepend_ ..
++
++printf banana >exp || framework_failure_
++printf '\x1f\x1e\x00\x00\x00\x06\x03\x01\x01\x00\x61\x6e\x62\x16\xc8' >test.z \
++  || framework_failure_
++
++fail=0
++gzip -dc test.z > out 2> err || fail=1
++
++compare exp out || fail=1
++compare /dev/null err || fail=1
++
++Exit $fail
+Index: gzip-1.8/unpack.c
+===================================================================
+--- gzip-1.8.orig/unpack.c
++++ gzip-1.8/unpack.c
+@@ -186,6 +186,9 @@ local void build_tree()
+         /* Restore nodes to be parents+leaves: */
+         nodes += leaves[len];
+     }
++    if ((nodes >> 1) != 1)
++      gzip_error ("too few leaves in Huffman tree");
++
+     /* Construct the prefix table, from shortest leaves to longest ones.
+      * The shortest code is all ones, so we start at the end of the table.
+      */
+@@ -250,10 +253,8 @@ int unpack(in, out)
+               }
+         }
+         /* At this point, peek is the next complete code, of len bits */
+-        if (peek == eob)
++        if (peek == eob && len == max_len)
+           break; /* End of file.  */
+-        if (eob < peek)
+-          gzip_error ("invalid compressed data--code out of range");
+         put_ubyte(literal[peek+lit_base[len]]);
+         Tracev((stderr,"%02d %04x %c\n", len, peek,
+                 literal[peek+lit_base[len]]));
+Index: gzip-1.8/tests/Makefile.am
+===================================================================
+--- gzip-1.8.orig/tests/Makefile.am
++++ gzip-1.8/tests/Makefile.am
+@@ -27,6 +27,7 @@ TESTS =					\
+   stdin					\
+   trailing-nul				\
+   unpack-invalid			\
++  unpack-valid				\
+   z-suffix				\
+   zdiff					\
+   zgrep-f				\
diff --git a/gzip.changes b/gzip.changes
index 9da2c11..4984c94 100644
--- a/gzip.changes
+++ b/gzip.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Fri Dec  1 16:38:19 UTC 2017 - kstreitova@suse.com
+
+- add gzip-1.8-fix_unpack_EOB_check.patch to fix mishandling of
+  leading zeros in the end-of-block code [bsc#1067891]
+
 -------------------------------------------------------------------
 Wed May 31 02:54:52 UTC 2017 - bwiedemann@suse.com
 
diff --git a/gzip.spec b/gzip.spec
index 62a9724..e096c3d 100644
--- a/gzip.spec
+++ b/gzip.spec
@@ -34,6 +34,9 @@ Patch6:         zdiff.diff
 # PATCH FIX OPENSUSE BNC#799561 - zgrep silently fails on LZMA compressed files
 Patch7:         xz_lzma.patch
 Patch8:         manpage-no-date.patch
+Patch9:         gzip-1.8-fix_unpack_EOB_check.patch
+BuildRequires:  autoconf
+BuildRequires:  automake
 BuildRequires:  makeinfo
 BuildRequires:  xz
 Requires(post): %{install_info_prereq}
@@ -54,11 +57,14 @@ times.
 %patch6
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 
 %build
 export CFLAGS="%{optflags} -fomit-frame-pointer \
 -W -Wall -Wno-unused-parameter -Wstrict-prototypes -Wpointer-arith -fPIE"
 export LDFLAGS="-pie"
+# add autoreconf because of gzip-1.8-fix_unpack_EOB_check.patch
+autoreconf -fi
 %configure --disable-silent-rules \
   gl_cv_func_printf_directive_n=yes \
   gl_cv_func_printf_infinite_long_double=yes