Fix: buffer overflow with unicode file names

Resolves: rhbz#2165653
This commit is contained in:
Jakub Martisko 2023-09-18 13:04:00 +02:00
parent 2105f00991
commit a2433a4859
2 changed files with 19 additions and 1 deletions

12
buffer_overflow.patch Normal file
View File

@ -0,0 +1,12 @@
diff -urp zip30/fileio.c zip30/fileio.c
--- zip30/fileio.c 2008-05-29 03:13:24.000000000 +0300
+++ zip30/fileio.c 2023-05-02 12:19:50.488314853 +0300
@@ -3502,7 +3502,7 @@ zwchar *local_to_wide_string(local_strin
if ((wc_string = (wchar_t *)malloc((wsize + 1) * sizeof(wchar_t))) == NULL) {
ZIPERR(ZE_MEM, "local_to_wide_string");
}
- wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1);
+ wsize = mbstowcs(wc_string, local_string, wsize + 1);
wc_string[wsize] = (wchar_t) 0;
/* in case wchar_t is not zwchar */

View File

@ -1,7 +1,7 @@
Summary: A file compression and packaging utility compatible with PKZIP Summary: A file compression and packaging utility compatible with PKZIP
Name: zip Name: zip
Version: 3.0 Version: 3.0
Release: 38%{?dist} Release: 39%{?dist}
License: Info-ZIP License: Info-ZIP
Source: http://downloads.sourceforge.net/infozip/zip30.tar.gz Source: http://downloads.sourceforge.net/infozip/zip30.tar.gz
URL: http://www.info-zip.org/Zip.html URL: http://www.info-zip.org/Zip.html
@ -17,6 +17,7 @@ Patch4: man.patch
Patch5: zip-3.0-format-security.patch Patch5: zip-3.0-format-security.patch
Patch6: zipnote.patch Patch6: zipnote.patch
Patch7: zip-gnu89-build.patch Patch7: zip-gnu89-build.patch
Patch8: buffer_overflow.patch
BuildRequires: make BuildRequires: make
BuildRequires: bzip2-devel, gcc BuildRequires: bzip2-devel, gcc
Requires: unzip Requires: unzip
@ -39,6 +40,7 @@ program.
%patch5 -p1 -b .format-security %patch5 -p1 -b .format-security
%patch6 -p1 -b .zipnote %patch6 -p1 -b .zipnote
%patch7 -p1 -b .gnu89-build %patch7 -p1 -b .gnu89-build
%patch8 -p1
%build %build
%{make_build} -f unix/Makefile prefix=%{_prefix} "CFLAGS_NOOPT=-I. -DUNIX $RPM_OPT_FLAGS" generic_gcc %{make_build} -f unix/Makefile prefix=%{_prefix} "CFLAGS_NOOPT=-I. -DUNIX $RPM_OPT_FLAGS" generic_gcc
@ -64,6 +66,10 @@ mkdir -p $RPM_BULD_ROOT%{_mandir}/man1
%{_mandir}/man1/zipsplit.1* %{_mandir}/man1/zipsplit.1*
%changelog %changelog
* Mon Sep 18 2023 Jakub Martisko <jamartis@redhat.com> - 3.0-39
- Fixc buffer overflow in unicode file names
Resolves: rhbz#2165653
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-38 * Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-38
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild