From 8804116fd00d9e7cc929cbe628c06d27cf7d7000 Mon Sep 17 00:00:00 2001 From: Matteo Croce Date: Tue, 24 Sep 2024 13:19:22 +0200 Subject: [PATCH] fix obscure invalid memory access in zipinfo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit zipinfo prints random garbage (and sometime crashes) when showing the usage: run 1: miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment -T? print file times in sortable decimal format ?-C be case-insensitive 4l?????```??`???????????????????????????????? run 2: miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment `-T? print file times in sortable decimal format ?-C? be case-insensitive (null) -x exclude filenames that follow from listing run 3: miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment ?-T? print file times in sortable decimal format -Cv be case-insensitive 20 April 2009 -x exclude filenames that follow from listing run 4: segmentation fault This happens because four '%c' modifiers are passed to sprintf, without any corresponding argument. This obviously generates a long list of compiler warnings, which are ignored: In file included from unzip.h:720, from unzip.c:68: unzip.c: In function ‘usage’: unzpriv.h:1009:45: warning: format ‘%c’ expects argument of type ‘int’, but argument 3 has type ‘char *’ [-Wformat=] 1009 | # define LoadFarString(x) (char *)(x) | ^ unzpriv.h:2728:61: note: in definition of macro ‘Info’ 2728 | (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) | ^~~~~~~~ unzip.c:2133:43: note: in expansion of macro ‘LoadFarString’ 2133 | Info(slide, flag, ((char *)slide, LoadFarString(ZipInfoUsageLine3), | ^~~~~~~~~~~~~ unzpriv.h:1009:45: warning: format ‘%c’ expects a matching ‘int’ argument [-Wformat=] 1009 | # define LoadFarString(x) (char *)(x) | ^ unzpriv.h:2728:61: note: in definition of macro ‘Info’ 2728 | (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) | ^~~~~~~~ unzip.c:2133:43: note: in expansion of macro ‘LoadFarString’ 2133 | Info(slide, flag, ((char *)slide, LoadFarString(ZipInfoUsageLine3), | ^~~~~~~~~~~~~ unzpriv.h:1009:45: warning: format ‘%c’ expects a matching ‘int’ argument [-Wformat=] 1009 | # define LoadFarString(x) (char *)(x) | ^ unzpriv.h:2728:61: note: in definition of macro ‘Info’ 2728 | (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) | ^~~~~~~~ unzip.c:2133:43: note: in expansion of macro ‘LoadFarString’ 2133 | Info(slide, flag, ((char *)slide, LoadFarString(ZipInfoUsageLine3), | ^~~~~~~~~~~~~ unzpriv.h:1009:45: warning: format ‘%c’ expects a matching ‘int’ argument [-Wformat=] 1009 | # define LoadFarString(x) (char *)(x) | ^ unzpriv.h:2728:61: note: in definition of macro ‘Info’ 2728 | (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) | ^~~~~~~~ unzip.c:2133:43: note: in expansion of macro ‘LoadFarString’ 2133 | Info(slide, flag, ((char *)slide, LoadFarString(ZipInfoUsageLine3), | ^~~~~~~~~~~~~ unzpriv.h:1009:45: warning: format ‘%s’ expects a matching ‘char *’ argument [-Wformat=] 1009 | # define LoadFarString(x) (char *)(x) | ^ unzpriv.h:2728:61: note: in definition of macro ‘Info’ 2728 | (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag)) | ^~~~~~~~ unzip.c:2133:43: note: in expansion of macro ‘LoadFarString’ 2133 | Info(slide, flag, ((char *)slide, LoadFarString(ZipInfoUsageLine3), | ^~~~~~~~~~~~~ Fix this by removing the '%c' modifiers. Resolves: RHEL-60054 Signed-off-by: Matteo Croce --- unzip-6.0-alt-iconv-utf8.patch | 4 ++-- unzip.spec | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/unzip-6.0-alt-iconv-utf8.patch b/unzip-6.0-alt-iconv-utf8.patch index b9e3777..2e59ef6 100644 --- a/unzip-6.0-alt-iconv-utf8.patch +++ b/unzip-6.0-alt-iconv-utf8.patch @@ -174,8 +174,8 @@ Index: unzip-6.0/unzip.c +#else /* UNIX */ +static ZCONST char Far ZipInfoUsageLine3[] = "miscellaneous options:\n\ + -h print header line -t print totals for listed files or for all\n\ -+ -z print zipfile comment %c-T%c print file times in sortable decimal format\ -+\n %c-C%c be case-insensitive %s\ ++ -z print zipfile comment -T print file times in sortable decimal format\n\ ++ -C be case-insensitive %s\ + -x exclude filenames that follow from listing\n\ + -O CHARSET specify a character encoding for DOS, Windows and OS/2 archives\n\ + -I CHARSET specify a character encoding for UNIX and other archives\n"; diff --git a/unzip.spec b/unzip.spec index ac8a596..63cb658 100644 --- a/unzip.spec +++ b/unzip.spec @@ -7,7 +7,7 @@ Summary: A utility for unpacking zip files Name: unzip Version: 6.0 -Release: 57%{?dist} +Release: 58%{?dist} License: BSD Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz @@ -150,6 +150,10 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{ %{_mandir}/*/* %changelog +* Tue Sep 24 2024 Matteo Croce - 6.0-58 +- Fix obscure invalid memory access in zipinfo +Resolves: RHEL-60054 + * Wed Jul 03 2024 Jakub Martisko - 6.0-57 - Fix: Unzip Fails on Large Zip Files - Use the patch from Debian dealing with this