pool/zziplib
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 573379 from home:jmoellers:branches:devel:libraries:c_c++

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/573379
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zziplib?expand=0&rev=24
This commit is contained in:
Ismail Dönmez 2018-02-07 11:37:38 +00:00 committed by Git OBS Bridge
parent d191a5d2f2
commit 852e18aefc
3 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
CVE-2018-6540.patch Normal file
View File

@ -0,0 +1,37 @@
Index: zziplib-0.13.67/zzip/mmapped.c
===================================================================
--- zziplib-0.13.67.orig/zzip/mmapped.c
+++ zziplib-0.13.67/zzip/mmapped.c
@@ -457,6 +457,12 @@ zzip_disk_findfirst(ZZIP_DISK * disk)
errno = EBADMSG;
return 0;
}
+ if (root >= disk->endbuf)
+ {
+ DBG1("root behind endbuf should be impossible");
+ errno = EBADMSG;
+ return 0;
+ }
if (zzip_disk_entry_check_magic(root))
{
DBG1("found the disk root");
Index: zziplib-0.13.67/zzip/memdisk.c
===================================================================
--- zziplib-0.13.67.orig/zzip/memdisk.c
+++ zziplib-0.13.67/zzip/memdisk.c
@@ -305,7 +305,14 @@ zzip_mem_entry_find_extra_block(ZZIP_MEM
char* ext_end = ext + entry->zz_extlen[i];
if (ext)
{
- while (ext + zzip_extra_block_headerlength <= ext_end)
+ /*
+ * Make sure that
+ * 1) the extra block header
+ * AND
+ * 2) the block we're looking for
+ * fit into the extra block!
+ */
+ while (ext + zzip_extra_block_headerlength + blocksize <= ext_end)
{
if (datatype == zzip_extra_block_get_datatype(ext))
{

10
zziplib.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Tue Feb 6 14:55:03 UTC 2018 - josef.moellers@suse.com
- If an extension block is too small to hold an extension,
do not use the information therein.
- If the End of central directory record (EOCD) contains an
Offset of start of central directory which is beyond the end of
the file, reject the file.
[CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Feb 2 09:31:49 UTC 2018 - josef.moellers@suse.com Fri Feb 2 09:31:49 UTC 2018 - josef.moellers@suse.com

2
zziplib.spec
View File

@ -31,6 +31,7 @@ Patch1: zziplib-0.13.62-wronglinking.patch
Patch2: zziplib-largefile.patch Patch2: zziplib-largefile.patch
Patch3: CVE-2018-6381.patch Patch3: CVE-2018-6381.patch
Patch4: CVE-2018-6484.patch Patch4: CVE-2018-6484.patch
Patch5: CVE-2018-6540.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: fdupes BuildRequires: fdupes
@ -70,6 +71,7 @@ ZZipLib.
%patch2 %patch2
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
# do not bother with html docs saving us python2 dependency # do not bother with html docs saving us python2 dependency
sed -i -e 's:docs ::g' Makefile.am sed -i -e 's:docs ::g' Makefile.am