Fix a sast issue (overlapping strcopy)

Resolves: RHEL-44659

unzip-6.0-sast.patch

@@ -0,0 +1,11 @@
+--- a/envargs.c	2005-03-04 03:23:38.000000000 +0100
++++ b/envargs.c	2024-11-26 13:17:22.289650230 +0100
+@@ -118,7 +118,7 @@
+ 
+             /* remove escape characters */
+             while ((argstart = MBSCHR(argstart, '\\')) != (char *)NULL) {
+-                strcpy(argstart, argstart + 1);
++                memmove(argstart, argstart + 1, strlen(argstart + 1) + 1);
+                 if (*argstart)
+                     ++argstart;
+             }

unzip.spec

@@ -6,7 +6,7 @@
 Summary: A utility for unpacking zip files
 Name: unzip
 Version: 6.0
-Release: 67%{?dist}
+Release: 68%{?dist}
 License: Info-ZIP
 Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
 
@@ -78,6 +78,8 @@ Patch35: unzip-6.0-wcstombs-fortify.patch
 Patch36: unzip-6.0-fix-warning-messages-on-big-files.patch
 
 Patch37: unzip-zipbomb-part7.patch
+Patch38: unzip-6.0-sast.patch
+
 URL: http://infozip.sourceforge.net
 BuildRequires: make
 BuildRequires:  bzip2-devel, gcc
@@ -133,6 +135,7 @@ a zip archive.
 %patch35 -p1
 %patch36 -p1
 %patch37 -p1
+%patch38 -p1
 
 %build
 # IZ_HAVE_UXUIDGID is needed for right functionality of unzip -X
@@ -151,6 +154,10 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT%{_
 %{_mandir}/*/*
 
 %changelog
+* Tue Nov 26 2024 Jakub Martisko <jamartis@redhat.com> - 6.0-68
+- Fix a sast issue (overlapping strcopy)
+Resolves: RHEL-44659
+
 * Mon Nov 25 2024 Jakub Martisko <jamartis@redhat.com> - 6.0-67
 - zipinfo: remove the extra %c that caused invalid reads
 - zipinfo: fix the whitespaces in the output