import unzip-6.0-45.el8_4

This commit is contained in:
CentOS Sources 2021-06-29 09:46:30 -04:00 committed by Andrew Lukoshko
parent 204d830713
commit e4f2e00967
2 changed files with 105 additions and 1 deletions

View File

@ -0,0 +1,95 @@
From 122050bac16fae82a460ff739fb1ca0f106e9d85 Mon Sep 17 00:00:00 2001
From: Mark Adler <madler@alumni.caltech.edu>
Date: Sat, 2 Jan 2021 13:09:34 -0800
Subject: [PATCH] Determine Zip64 status entry-by-entry instead of for entire
file.
Fixes a bug for zip files with mixed Zip64 and not Zip64 entries,
which resulted in an incorrect data descriptor length. The bug is
seen when a Zip64 entry precedes a non-Zip64 entry, in which case
the data descriptor would have been assumed to be larger than it
is, resulting in an incorrect bomb warning due to a perceived
overlap with the next entry. This commit determines and saves the
Zip64 status for each entry based on the central directory, and
then computes the length of each data descriptor accordingly.
---
extract.c | 5 +++--
globals.h | 2 --
process.c | 4 +---
unzpriv.h | 1 +
4 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/extract.c b/extract.c
index 504afd6..878817d 100644
--- a/extract.c
+++ b/extract.c
@@ -658,6 +658,7 @@ int extract_or_test_files(__G) /* return PK-type error code */
break;
}
}
+ G.pInfo->zip64 = FALSE;
if ((error = do_string(__G__ G.crec.extra_field_length,
EXTRA_FIELD)) != 0)
{
@@ -2187,12 +2188,12 @@ static int extract_or_test_member(__G) /* return PK-type error code */
(clen == SIG && /* if not SIG, no signature */
((G.lrec.csize & LOW) != SIG || /* if not SIG, have signature */
(ulen == SIG && /* if not SIG, no signature */
- (G.zip64 ? G.lrec.csize >> 32 : G.lrec.ucsize) != SIG
+ (G.pInfo->zip64 ? G.lrec.csize >> 32 : G.lrec.ucsize) != SIG
/* if not SIG, have signature */
)))))
/* skip four more bytes to account for signature */
shy += 4 - readbuf((char *)buf, 4);
- if (G.zip64)
+ if (G.pInfo->zip64)
shy += 8 - readbuf((char *)buf, 8); /* skip eight more for ZIP64 */
if (shy)
error = PK_ERR;
diff --git a/globals.h b/globals.h
index f9c6daf..a883c90 100644
--- a/globals.h
+++ b/globals.h
@@ -261,8 +261,6 @@ typedef struct Globals {
ecdir_rec ecrec; /* used in unzip.c, extract.c */
z_stat statbuf; /* used by main, mapname, check_for_newer */
- int zip64; /* true if Zip64 info in extra field */
-
int mem_mode;
uch *outbufptr; /* extract.c static */
ulg outsize; /* extract.c static */
diff --git a/process.c b/process.c
index d75d405..d643c6f 100644
--- a/process.c
+++ b/process.c
@@ -1903,8 +1903,6 @@ int getZip64Data(__G__ ef_buf, ef_len)
#define Z64FLGS 0xffff
#define Z64FLGL 0xffffffff
- G.zip64 = FALSE;
-
if (ef_len == 0 || ef_buf == NULL)
return PK_COOL;
@@ -1943,7 +1941,7 @@ int getZip64Data(__G__ ef_buf, ef_len)
break; /* Expect only one EF_PKSZ64 block. */
#endif /* 0 */
- G.zip64 = TRUE;
+ G.pInfo->zip64 = TRUE;
}
/* Skip this extra field block. */
diff --git a/unzpriv.h b/unzpriv.h
index 09f288e..75b3359 100644
--- a/unzpriv.h
+++ b/unzpriv.h
@@ -2034,6 +2034,7 @@ typedef struct min_info {
#ifdef UNICODE_SUPPORT
unsigned GPFIsUTF8: 1; /* crec gen_purpose_flag UTF-8 bit 11 is set */
#endif
+ unsigned zip64: 1; /* true if entry has Zip64 extra block */
#ifndef SFX
char Far *cfilname; /* central header version of filename */
#endif

View File

@ -7,7 +7,7 @@
Summary: A utility for unpacking zip files
Name: unzip
Version: 6.0
Release: 44%{?dist}
Release: 45%{?dist}
License: BSD
Group: Applications/Archiving
Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@ -73,6 +73,7 @@ Patch30: unzip-zipbomb-manpage.patch
Patch31: unzip-zipbomb-part4.patch
Patch32: unzip-zipbomb-part5.patch
Patch33: unzip-zipbomb-part6.patch
URL: http://www.info-zip.org/UnZip.html
BuildRequires: bzip2-devel
@ -124,6 +125,7 @@ a zip archive.
%patch31 -p1
%patch32 -p1
%patch33 -p1
%build
# IZ_HAVE_UXUIDGID is needed for right functionality of unzip -X
@ -144,6 +146,13 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
%{_mandir}/*/*
%changelog
* Tue Nov 24 2020 Jakub Martisko <jamartis@redhat.com> - 6.0-45
Fix a false positive zipbomb detection
Related: 1954649
Related: 1953565
Related: 1969876
Resolves: 1970326
* Tue Nov 24 2020 Jakub Martisko <jamartis@redhat.com> - 6.0-44
* Fix out of memory errors while checking for zip-bombs
Resolves: #1900915