import UBI zip-3.0-44.el10

eabdullin 2025-05-14 19:33:05 +00:00
parent b675e14d1a
commit a58134bd83
7 changed files with 138 additions and 59 deletions

2
.gitignore vendored

@ -1 +1 @@
/zip30.tar.gz zip30.tar.gz

12
buffer_overflow.patch Normal file

@ -0,0 +1,12 @@
diff -urp zip30/fileio.c zip30/fileio.c
--- zip30/fileio.c 2008-05-29 03:13:24.000000000 +0300
+++ zip30/fileio.c 2023-05-02 12:19:50.488314853 +0300
@@ -3502,7 +3502,7 @@ zwchar *local_to_wide_string(local_strin
if ((wc_string = (wchar_t *)malloc((wsize + 1) * sizeof(wchar_t))) == NULL) {
ZIPERR(ZE_MEM, "local_to_wide_string");
}
- wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1);
+ wsize = mbstowcs(wc_string, local_string, wsize + 1);
wc_string[wsize] = (wchar_t) 0;
/* in case wchar_t is not zwchar */
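Review bot: The terminator write `wc_string[wsize] = (wchar_t) 0;` indexes with the return value of the second mbstowcs() call, and nothing in the visible lines tests that value for the `(size_t)-1` error return before it is used. The new bound `wsize + 1` matches the `(wsize + 1) * sizeof(wchar_t)` allocation, so the copy itself is limited to the buffer, but a failed conversion would still yield an out-of-range index. Consider adding `if (wsize == (size_t)-1) { free(wc_string); return NULL; }` before the terminator write. The declaration of `wsize` and the earlier length computation lie outside the hunk, so the variable's type and the right error return for local_to_wide_string need confirming there.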


@ -1,6 +0,0 @@
--- !Policy
product_versions:
- rhel-8
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

11
sast.patch Normal file

@ -0,0 +1,11 @@
--- ./util.c.old 2025-01-28 14:32:33.064491685 +0100
+++ ./util.c 2025-01-28 14:34:51.331444527 +0100
@@ -862,7 +862,7 @@
/* remove escape characters */
while ((argstart = MBSCHR(argstart, '\\')) != NULL) {
- strcpy(argstart, argstart + 1);
+ memmove(argstart, argstart +1, strlen(argstart)+1);
if (*argstart)
++argstart;
}
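Review bot: The length in `memmove(argstart, argstart +1, strlen(argstart)+1);` is one byte too large: `strlen(argstart)` still counts the backslash at `argstart[0]`, so the call reads `strlen(argstart)+1` bytes starting at `argstart + 1`, which ends one byte past the string's NUL terminator. Replacing strcpy with memmove does remove the overlapping-copy undefined behaviour, but the count should cover only the tail and its terminator: `memmove(argstart, argstart + 1, strlen(argstart));` (equivalently `strlen(argstart + 1) + 1`). If the string ends exactly at the end of its buffer, that extra byte is an out-of-bounds read. The enclosing function starts and ends outside the hunk.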


@ -1,24 +0,0 @@
From b0b6660d474738a23e6ef84afadd4f87793e3ad0 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Tue, 13 Nov 2018 12:57:13 +0100
Subject: [PATCH] XXX
---
zip.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/zip.h b/zip.h
index ba03160..d62de9a 100644
--- a/zip.h
+++ b/zip.h
@@ -609,7 +609,7 @@ extern int bflag;
void zipmessage_nl OF((ZCONST char *, int));
void zipmessage OF((ZCONST char *, ZCONST char *));
void zipwarn OF((ZCONST char *, ZCONST char *));
-void ziperr OF((int, ZCONST char *));
+void ziperr OF((int, ZCONST char *)) __attribute__ ((noreturn));
#ifdef UTIL
# define error(msg) ziperr(ZE_LOGIC, msg)
#else
--
2.17.2

15
zip-gnu89-build.patch Normal file

@ -0,0 +1,15 @@
zip uses C89-only features, so it needs to be built in C89 mode.
diff --git a/unix/Makefile b/unix/Makefile
index 86cf54bf0f56cea9..244390893eab5fc6 100644
--- a/unix/Makefile
+++ b/unix/Makefile
@@ -202,7 +202,7 @@ generic: flags
eval $(MAKE) $(MAKEF) zips `cat flags`
generic_gcc:
- $(MAKE) $(MAKEF) generic CC=gcc CPP="gcc -E"
+ $(MAKE) $(MAKEF) generic CC="gcc -std=gnu89" CPP="gcc -E"
# AT&T 6300 PLUS (don't know yet how to allocate 64K bytes):
att6300nodir:

127
zip.spec

@ -1,9 +1,8 @@
Summary: A file compression and packaging utility compatible with PKZIP Summary: A file compression and packaging utility compatible with PKZIP
Name: zip Name: zip
Version: 3.0 Version: 3.0
Release: 23%{?dist} Release: 44%{?dist}
License: BSD License: Info-ZIP
Group: Applications/Archiving
Source: http://downloads.sourceforge.net/infozip/zip30.tar.gz Source: http://downloads.sourceforge.net/infozip/zip30.tar.gz
URL: http://www.info-zip.org/Zip.html URL: http://www.info-zip.org/Zip.html
@ -17,13 +16,14 @@ Patch3: zip-3.0-time.patch
Patch4: man.patch Patch4: man.patch
Patch5: zip-3.0-format-security.patch Patch5: zip-3.0-format-security.patch
Patch6: zipnote.patch Patch6: zipnote.patch
Patch7: zip-3.0-configure.patch Patch7: zip-gnu89-build.patch
Patch8: zip-3.0-covscan1.patch Patch8: buffer_overflow.patch
BuildRequires: bzip2-devel Patch9: zip-3.0-configure.patch
Patch10: sast.patch
BuildRequires: make
BuildRequires: bzip2-devel, gcc
Requires: unzip Requires: unzip
%global _hardened_build 1
%description %description
The zip program is a compression and file packaging utility. Zip is The zip program is a compression and file packaging utility. Zip is
analogous to a combination of the UNIX tar and compress commands and analogous to a combination of the UNIX tar and compress commands and
@ -35,24 +35,31 @@ program.
%prep %prep
%setup -q -n zip30 %setup -q -n zip30
%patch1 -p1 -b .exec-shield %patch 1 -p1
%patch2 -p1 -b .currdir %patch 2 -p1
%patch3 -p1 -b .time %patch 3 -p1
%patch4 -p1 -b .man %patch 4 -p1
%patch5 -p1 -b .format-security %patch 5 -p1
%patch6 -p1 -b .zipnote %patch 6 -p1
%patch7 -p1 -b .zipconfigure %patch 7 -p1
%patch8 -p1 -b .covscan1 %patch 8 -p1
%patch 9 -p1
%patch 10 -p1
%build %build
make -f unix/Makefile generic_gcc refix=%{_prefix} LFLAGS2="$RPM_LD_FLAGS" CFLAGS_NOOPT="-I. -DUNIX $RPM_OPT_FLAGS" %{?_smp_mflags} #Remove assembly file to force the c implementation of the crc functions
#Related to 3.0-33 and 3.0-34
rm crc_i386.S
rm match.S
%{make_build} -f unix/Makefile prefix=%{_prefix} CFLAGS_NOOPT="-I. -DUNIX -DNO_ASM $RPM_OPT_FLAGS" LFLAGS2="%{?__global_ldflags}" generic_gcc %{?_smp_mflags}
%install %install
mkdir -p $RPM_BUILD_ROOT%{_bindir} mkdir -p $RPM_BUILD_ROOT%{_bindir}
mkdir -p $RPM_BULD_ROOT%{_mandir}/man1 mkdir -p $RPM_BULD_ROOT%{_mandir}/man1
make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} \ %{make_install} -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} \
MANDIR=$RPM_BUILD_ROOT%{_mandir}/man1 install MANDIR=$RPM_BUILD_ROOT%{_mandir}/man1
%files %files
%license LICENSE %license LICENSE
@ -68,16 +75,80 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} \
%{_mandir}/man1/zipsplit.1* %{_mandir}/man1/zipsplit.1*
%changelog %changelog
* Tue Nov 13 2018 Jakub Martisko <jamartis@redhat.com> - 3.0-23 * Tue Jan 28 2025 Jakub Martisko <jamartis@redhat.com> - 3.0-44
- Set the ziperr function as noreturn - Fix overlaping strcpy
- Fix email in the previous chnagelog entry Resolves: RHEL-44646
- Related: #1602741
* Fri Oct 19 2018 Jakub Martisko <jamartis@redhat.com> - 3.0-22 * Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 3.0-43
- Add missing linker flags - Bump release for October 2024 mass rebuild:
- Port the configure patch from unzip that allows linker flags configuration Resolves: RHEL-64018
from the spec file
- Related: #1624188 * Wed Jul 03 2024 Jakub Martisko <jamartis@redhat.com> - 3.0-42
- Use C implementation of some functions instead of asm
- Fix the missing compiler/linker flags
- Minor spec clean up
Resolves: RHEL-33526
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 3.0-41
- Bump release for June 2024 mass rebuild
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-40
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Mon Sep 18 2023 Jakub Martisko <jamartis@redhat.com> - 3.0-39
- Fixc buffer overflow in unicode file names
Resolves: rhbz#2165653
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-38
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Apr 13 2023 Lukáš Zaoral <lzaoral@redhat.com> - 3.0-37
- migrate to SPDX license format
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-36
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Nov 18 2022 Florian Weimer <fweimer@redhat.com> - 3.0-35
- Really build with -std=gnu89 (#2143565)
* Thu Nov 17 2022 Florian Weimer <fweimer@redhat.com> - 3.0-34
- Build with -std=gnu89 (#2143565)
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-33
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Fri Mar 05 2021 Jakub Martisko <jamartis@redhat.com> - 3.0-30
- Use generic build instead of generic_gcc
* Fri Mar 05 2021 Jakub Martisko <jamartis@redhat.com> - 3.0-29
- Use build macros
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-28
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-27
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Mar 01 2018 Jakub Martisko <jamartis@redhat.com> - 3.0-22
- Add gcc to buildrequires
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-21 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-21
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
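Review bot: In %install, `mkdir -p $RPM_BULD_ROOT%{_mandir}/man1` misspells the buildroot variable and is carried through this update unchanged. With that name unset the shell expands it to nothing, so the command targets `%{_mandir}/man1` on the build host instead of a path under the buildroot. It should read `mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1`. The build apparently still succeeds because the install step passes `MANDIR=$RPM_BUILD_ROOT%{_mandir}/man1` itself, but a package build should not write outside its buildroot.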