From: sms
Subject: Fix CVE-2014-8139: CRC32 verification heap-based overflow
Bug-Debian: http://bugs.debian.org/773722

--- a/extract.c
+++ b/extract.c
@@ -1,5 +1,5 @@
 /*
-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
+  Copyright (c) 1990-2014 Info-ZIP.  All rights reserved.
 
   See the accompanying file LICENSE, version 2009-Jan-02 or later
   (the contents of which are also included in unzip.h) for terms of use.
@@ -298,6 +298,8 @@
 #ifndef SFX
    static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
      EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
+   static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \
+     EF block length (%u bytes) invalid (< %d)\n";
    static ZCONST char Far InvalidComprDataEAs[] =
      " invalid compressed data for EAs\n";
 #  if (defined(WIN32) && defined(NTSD_EAS))
@@ -2023,7 +2025,8 @@
         ebID = makeword(ef);
         ebLen = (unsigned)makeword(ef+EB_LEN);
 
-        if (ebLen > (ef_len - EB_HEADSIZE)) {
+        if (ebLen > (ef_len - EB_HEADSIZE))
+        {
            /* Discovered some extra field inconsistency! */
             if (uO.qflag)
                 Info(slide, 1, ((char *)slide, "%-22s ",
@@ -2032,6 +2035,16 @@
               ebLen, (ef_len - EB_HEADSIZE)));
             return PK_ERR;
         }
+        else if (ebLen < EB_HEADSIZE)
+        {
+            /* Extra block length smaller than header length. */
+            if (uO.qflag)
+                Info(slide, 1, ((char *)slide, "%-22s ",
+                  FnFilter1(G.filename)));
+            Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength),
+              ebLen, EB_HEADSIZE));
+            return PK_ERR;
+        }
 
         switch (ebID) {
             case EF_OS2:
select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=c1d165ec79dcd4df03a097010e2b8cef19f4ce40'>root</a>/<a href='/guix/log/.gitignore?id=c1d165ec79dcd4df03a097010e2b8cef19f4ce40'>.gitignore</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/.gitignore?id=c1d165ec79dcd4df03a097010e2b8cef19f4ce40&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2020-10-20 19:16:21 +0200'>2020-10-20</span></td><td><a href='/guix/commit/.gitignore?id=e6994bff2ef461a2860e4207095746a5565cbf0e'>gitignore: Ignore generated guile binary and intermediate products.</a><span class='msg-avail'>...<span class='msg-tooltip'>* .gitignore: Ignore guile, guile-guile-launcher.o, .deps and .dirstamp.
</span></span></td><td>Julien Lepiller</td></tr>
<tr><td><span title='2020-09-17 14:10:42 +0200'>2020-09-17</span></td><td><a href='/guix/commit/.gitignore?id=cabac732deffafc796537658a6c33c6c4aec821e'>guix-install.sh: Support OpenRC.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/guix-install.sh (chk_init_sys): Detect OpenRC.
(sys_enable_guix_daemon): Install &amp; enable the Guix daemon on such
systems.
* etc/openrc/guix-daemon.in: New file.
* nix/local.mk: Add a rule for it.
(openrcservicedir, nodist_openrcservice_DATA): New variables.
(CLEANFILES, EXTRA_DIST): Add them.
* .gitignore: Ignore etc/openrc/guix-daemon.

Signed-off-by: Tobias Geerinckx-Rice &lt;me@tobias.gr&gt;
</span></span></td><td>Morgan Smith</td></tr>
<tr><td><span title='2020-07-17 15:23:53 +0200'>2020-07-17</span></td><td><a href='/guix/commit/.gitignore?id=d6b05ba3534b030f8de976e340c19ac8a4118ff4'>gitignore: Don't ignore daemon source code.</a><span class='msg-avail'>...<span class='msg-tooltip'>Remove files that are included in the repository from .gitignore. This
improves the behavior of some code-searching tools.
</span></span></td><td>Jakub Kądziołka</td></tr>
<tr><td><span title='2020-06-28 13:28:25 +0200'>2020-06-28</span></td><td><a href='/guix/commit/.gitignore?id=b9edefbc46da76fea6d56e08462618a398192189'>.gitignore: Ignore 'etc/committer.scm'.</a><span class='msg-avail'>...<span class='msg-tooltip'>* .gitignore: Add '/etc/committer.scm'.
</span></span></td><td>Brice Waegeneire</td></tr>
<tr><td><span title='2020-05-16 15:37:41 +0200'>2020-05-16</span></td><td><a href='/guix/commit/.gitignore?id=1a1faa78b0498fbb71f1533beb4b65817c1d3f2a'>etc: Add a systemd unit to bind-mount @storedir@ read-only.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/gnu-store.mount.in: New file.
* nix/local.mk (nodist_systemdservice_DATA): Add it.
(etc/%.mount): New rule for it.
* etc/guix-install.sh (sys_enable_guix_daemon): Install it.
* doc/guix.texi (Binary Installation): Document it.
* .gitignore: Ignore changes to it.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2020-05-14 23:05:42 -0400'>2020-05-14</span></td><td><a href='/guix/commit/.gitignore?id=cb21ae76714f1873d3b3fb40d5135f00ec104b85'>etc: indent-code.el: Use the --quick option.</a><span class='msg-avail'>...<span class='msg-tooltip'>This prevents Emacs from loading the autoload definitions found in its
profile, which needlessly clutters the output.  It also prevents Geiser (if
installed) from blocking the script and asking the user to input the Scheme
implementation to use.

The trick for passing multiple arguments to Emacs is to use what is called a
"sesquicolon" (see https://www.emacswiki.org/emacs/EmacsScripts).

* etc/indent-code.el.in: Rename to...
* etc/indent-code.el: ...this.  Adapt the shebang to use a sesquicolon, and
pass the --quick option to Emacs.  Since this line is interpreted by the
shell, simply use Emacs from the PATH instead of from a hard coded location.
(main): New procedure, used as the entry point.
* configure.ac: Remove the warning about Emacs.  Emacs can now be installed
any time by the user if they want to use the script.
* .gitignore: No longer ignore changes to etc/indent-code.el.
</span></span></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2020-03-30 12:24:55 +0200'>2020-03-30</span></td><td><a href='/guix/commit/.gitignore?id=6e27d1088da07380872f0df9f308b674536cefc8'>.gitignore: Ignore test results in tests/services.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is a follow-up to commit d3e439e355284f136ff13eb3e6fffb4661552f3b.

* .gitignore: Add /tests/services/*.trs.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2020-03-11 02:45:33 +0100'>2020-03-11</span></td><td><a href='/guix/commit/.gitignore?id=73fbe04107d38f4561636c74d28d7a4935cbb1ef'>Add system start-up files for guix-daemon.</a><span class='msg-avail'>...<span class='msg-tooltip'>* etc/init.d/guix-daemon.in: New file.
* nix/local.mk (etc/init.d/guix-daemon): New rule.
(nodist_sysvinitservice_DATA): Add etc/init.d/guix-daemon.in .
(CLEANFILES): Add etc/init.d/guix-daemon .
* .gitignore: Add etc/init.d/guix-daemon .
</span></span></td><td>Danny Milosavljevic</td></tr>

Age	Commit message (Expand)	Author
2020-10-20	gitignore: Ignore generated guile binary and intermediate products....* .gitignore: Ignore guile, guile-guile-launcher.o, .deps and .dirstamp.	Julien Lepiller
2020-09-17	guix-install.sh: Support OpenRC....* etc/guix-install.sh (chk_init_sys): Detect OpenRC. (sys_enable_guix_daemon): Install & enable the Guix daemon on such systems. * etc/openrc/guix-daemon.in: New file. * nix/local.mk: Add a rule for it. (openrcservicedir, nodist_openrcservice_DATA): New variables. (CLEANFILES, EXTRA_DIST): Add them. * .gitignore: Ignore etc/openrc/guix-daemon. Signed-off-by: Tobias Geerinckx-Rice <me@tobias.gr>	Morgan Smith
2020-07-17	gitignore: Don't ignore daemon source code....Remove files that are included in the repository from .gitignore. This improves the behavior of some code-searching tools.	Jakub Kądziołka
2020-06-28	.gitignore: Ignore 'etc/committer.scm'....* .gitignore: Add '/etc/committer.scm'.	Brice Waegeneire
2020-05-16	etc: Add a systemd unit to bind-mount @storedir@ read-only....* etc/gnu-store.mount.in: New file. * nix/local.mk (nodist_systemdservice_DATA): Add it. (etc/%.mount): New rule for it. * etc/guix-install.sh (sys_enable_guix_daemon): Install it. * doc/guix.texi (Binary Installation): Document it. * .gitignore: Ignore changes to it.	Tobias Geerinckx-Rice
2020-05-14	etc: indent-code.el: Use the --quick option....This prevents Emacs from loading the autoload definitions found in its profile, which needlessly clutters the output. It also prevents Geiser (if installed) from blocking the script and asking the user to input the Scheme implementation to use. The trick for passing multiple arguments to Emacs is to use what is called a "sesquicolon" (see https://www.emacswiki.org/emacs/EmacsScripts). * etc/indent-code.el.in: Rename to... * etc/indent-code.el: ...this. Adapt the shebang to use a sesquicolon, and pass the --quick option to Emacs. Since this line is interpreted by the shell, simply use Emacs from the PATH instead of from a hard coded location. (main): New procedure, used as the entry point. * configure.ac: Remove the warning about Emacs. Emacs can now be installed any time by the user if they want to use the script. * .gitignore: No longer ignore changes to etc/indent-code.el.	Maxim Cournoyer
2020-03-30	.gitignore: Ignore test results in tests/services....This is a follow-up to commit d3e439e355284f136ff13eb3e6fffb4661552f3b. * .gitignore: Add /tests/services/*.trs.	Marius Bakke
2020-03-11	Add system start-up files for guix-daemon....* etc/init.d/guix-daemon.in: New file. * nix/local.mk (etc/init.d/guix-daemon): New rule. (nodist_sysvinitservice_DATA): Add etc/init.d/guix-daemon.in . (CLEANFILES): Add etc/init.d/guix-daemon . * .gitignore: Add etc/init.d/guix-daemon .	Danny Milosavljevic