openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-26 11:16:31 +04:00
Code Issues Packages Projects Releases Wiki Activity

unzip: patch CVE-2015-7696, CVE-2015-7697 and integer underflow

Browse Source 
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This commit is contained in:
Álvaro Fernández Rojas
2015-11-01 16:19:56 +01:00
parent f8a70fc188
commit 8a70ddefc7
4 changed files with 58 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
utils/unzip/patches/007-integer-underflow-csiz_decrypted.patch Normal file
View File

@@ -0,0 +1,21 @@
--- a/extract.c
+++ b/extract.c
@@ -1257,8 +1257,17 @@ static int extract_or_test_entrylist(__G
if (G.lrec.compression_method == STORED) {
zusz_t csiz_decrypted = G.lrec.csize;
- if (G.pInfo->encrypted)
+ if (G.pInfo->encrypted) {
+ if (csiz_decrypted <= 12) {
+ /* handle the error now to prevent unsigned overflow */
+ Info(slide, 0x401, ((char *)slide,
+ LoadFarStringSmall(ErrUnzipNoFile),
+ LoadFarString(InvalidComprData),
+ LoadFarStringSmall2(Inflate)));
+ return PK_ERR;
+ }
csiz_decrypted -= 12;
+ }
if (G.lrec.ucsize != csiz_decrypted) {
Info(slide, 0x401, ((char *)slide,
LoadFarStringSmall2(WrnStorUCSizCSizDiff),