pool/unzip
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e3efc3f2fb
unzip/CVE-2022-0530.patch

29 lines
898 B
Diff
Raw Normal View History

Accepting request 1005199 from home:dspinella:branches:Archiving - Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string to a local string (CVE-2022-0530, bsc#1196177) * CVE-2022-0530.patch - Fix CVE-2022-0529, Heap out-of-bound writes and reads during conversion of wide string to local string (CVE-2022-0529, bsc#1196180) * CVE-2022-0529.patch OBS-URL: https://build.opensuse.org/request/show/1005199 OBS-URL: https://build.opensuse.org/package/show/Archiving/unzip?expand=0&rev=58
2022-09-21 14:52:47 +02:00
From: Enrico Zini <enrico@debian.org>
Subject: Fix null pointer dereference on invalid UTF-8 input
Bug-Debian: https://bugs.debian.org/1010355
X-Debian-version: 6.0-27
--- a/fileio.c
+++ b/fileio.c
@@ -2361,6 +2361,9 @@
/* convert UTF-8 to local character set */
fn = utf8_to_local_string(G.unipath_filename,
G.unicode_escape_all);
+ if (fn == NULL)
+ return PK_ERR;
+
/* make sure filename is short enough */
if (strlen(fn) >= FILNAMSIZ) {
fn[FILNAMSIZ - 1] = '\0';
--- a/process.c
+++ b/process.c
@@ -2611,6 +2611,8 @@
int escape_all;
{
zwchar *wide = utf8_to_wide_string(utf8_string);
+ if (wide == NULL)
+ return NULL;
char *loc = wide_to_local_string(wide, escape_all);
free(wide);
return loc;
Reference in New Issue Copy Permalink