me/guix
Archived
1
0
Fork 0
Code Activity
This repository has been archived on 2024-08-07. You can view files and clone it, but cannot push or open issues or pull requests.
guix/gnu/packages/patches/unzip-timestamp.patch
Léo Le Bouter 31d289a475
gnu: unzip: Add patches from Fedora [security fixes]. 
Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.

* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
2021-03-14 06:11:20 +01:00

41 lines
1.5 KiB
Diff
Raw Blame History

From: "Steven M. Schweda" <sms@antinode.info>
Subject: Do not ignore extra fields containing Unix Timestamps
Bug-Debian: https://bugs.debian.org/842993
X-Debian-version: 6.0-21
--- a/process.c
+++ b/process.c
@@ -2914,10 +2914,13 @@
break;
case EF_IZUNIX2:
- if (have_new_type_eb == 0) {
- flags &= ~0x0ff; /* ignore any previous IZUNIX field */
+ if (have_new_type_eb == 0) { /* (< 1) */
have_new_type_eb = 1;
}
+ if (have_new_type_eb <= 1) {
+ /* Ignore any prior (EF_IZUNIX/EF_PKUNIX) UID/GID. */
+ flags &= 0x0ff;
+ }
#ifdef IZ_HAVE_UXUIDGID
if (have_new_type_eb > 1)
break; /* IZUNIX3 overrides IZUNIX2 e.f. block ! */
@@ -2933,6 +2936,8 @@
/* new 3rd generation Unix ef */
have_new_type_eb = 2;
+ /* Ignore any prior EF_IZUNIX/EF_PKUNIX/EF_IZUNIX2 UID/GID. */
+ flags &= 0x0ff;
/*
Version 1 byte version of this extra field, currently 1
UIDSize 1 byte Size of UID field
@@ -2953,8 +2958,6 @@
uid_size = *((EB_HEADSIZE + 1) + ef_buf);
gid_size = *((EB_HEADSIZE + uid_size + 2) + ef_buf);
- flags &= ~0x0ff; /* ignore any previous UNIX field */
-
if ( read_ux3_value((EB_HEADSIZE + 2) + ef_buf,
uid_size, &z_uidgid[0])
&&
View git blame Copy permalink