Fix CVE-2017-5976: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5976 Patch copied from Debian. Index: zziplib-0.13.62/zzip/memdisk.c =================================================================== --- zziplib-0.13.62.orig/zzip/memdisk.c +++ zziplib-0.13.62/zzip/memdisk.c @@ -201,6 +201,7 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI { void *mem = malloc(ext1 + 2); item->zz_ext[1] = mem; + item->zz_extlen[1] = ext1 + 2; memcpy(mem, ptr1, ext1); ((char *) (mem))[ext1 + 0] = 0; ((char *) (mem))[ext1 + 1] = 0; @@ -209,6 +210,7 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI { void *mem = malloc(ext2 + 2); item->zz_ext[2] = mem; + item->zz_extlen[2] = ext2 + 2; memcpy(mem, ptr2, ext2); ((char *) (mem))[ext2 + 0] = 0; ((char *) (mem))[ext2 + 1] = 0; @@ -245,8 +247,10 @@ zzip_mem_entry_extra_block(ZZIP_MEM_ENTR while (1) { ZZIP_EXTRA_BLOCK *ext = entry->zz_ext[i]; - if (ext) + if (ext && (entry->zz_extlen[i] >= zzip_extra_block_headerlength)) { + char *endblock = (char *)ext + entry->zz_extlen[i]; + while (*(short *) (ext->z_datatype)) { if (datatype == zzip_extra_block_get_datatype(ext)) @@ -257,6 +261,10 @@ zzip_mem_entry_extra_block(ZZIP_MEM_ENTR e += zzip_extra_block_headerlength; e += zzip_extra_block_get_datasize(ext); ext = (void *) e; + if (e >= endblock) + { + break; + } ____; } } Index: zziplib-0.13.62/zzip/memdisk.h =================================================================== --- zziplib-0.13.62.orig/zzip/memdisk.h +++ zziplib-0.13.62/zzip/memdisk.h @@ -66,6 +66,7 @@ struct _zzip_mem_entry { int zz_filetype; /* (from "z_filetype") */ char* zz_comment; /* zero-terminated (from "comment") */ ZZIP_EXTRA_BLOCK* zz_ext[3]; /* terminated by null in z_datatype */ + int zz_extlen[3]; /* length of zz_ext[i] in bytes */ }; /* the extra blocks are NOT converted */ #define _zzip_mem_disk_findfirst(_d_) ((_d_)->list) /log/gnu/packages/crypto.scm?id=9fd6ad3e3557a8efeadf182af60e32c77b62b2af'>crypto.scm
AgeCommit message (Expand)Author
2019-02-26gnu: Add hpenc....Leo Famulari
2019-02-17gnu: keyutils: Update to 1.6....Marius Bakke
2019-02-17gnu: Remove unneeded uses of python{,2}-minimal....Marius Bakke
2019-01-26gnu: Add stoken....Eric Bavier
2019-01-25gnu: eschalot: Use INVOKE....Ricardo Wurmus
2019-01-16gnu: Move sqlite to separate module....Ricardo Wurmus
2019-01-15gnu: Separate Python core packages from the rest....Ricardo Wurmus
2019-01-13gnu: libsodium: Update to 1.0.17....Marius Bakke
2019-01-11gnu: opendht: Use jsoncpp and restbed....Pierre Neidhardt
2019-01-10gnu: opendht: Update to 1.8.1....Pierre Neidhardt
2019-01-10gnu: Add libsecp256k1....Pierre Neidhardt
2019-01-10gnu: crypto++: Update to 8.0.0....Pierre Neidhardt
2018-11-11gnu: opendht: Remove custom bootstrap phase....Ricardo Wurmus
2018-11-11gnu: opendht: Fetch sources from git....Ricardo Wurmus