diff --git a/minizip-1.2.3-malloc.patch b/minizip-1.2.3-malloc.patch new file mode 100644 index 0000000..1f4c3fd --- /dev/null +++ b/minizip-1.2.3-malloc.patch @@ -0,0 +1,15 @@ +diff -up zlib-1.2.3/contrib/minizip/miniunz.c.pom zlib-1.2.3/contrib/minizip/miniunz.c +--- zlib-1.2.3/contrib/minizip/miniunz.c.pom 2005-07-12 20:08:40.000000000 +0200 ++++ zlib-1.2.3/contrib/minizip/miniunz.c 2008-12-01 11:12:23.000000000 +0100 +@@ -112,6 +112,11 @@ int makedir (newdir) + return 0; + + buffer = (char*)malloc(len+1); ++ if (buffer==NULL) ++ { ++ printf("Error allocating memory\n"); ++ return UNZ_INTERNALERROR; ++ } + strcpy(buffer,newdir); + + if (buffer[len-1] == '/') { diff --git a/zlib.spec b/zlib.spec index ce012fd..edd42ac 100644 --- a/zlib.spec +++ b/zlib.spec @@ -1,12 +1,13 @@ Summary: The zlib compression and decompression library Name: zlib Version: 1.2.3 -Release: 18%{?dist} +Release: 19%{?dist} Group: System Environment/Libraries Source: http://www.zlib.net/zlib-%{version}.tar.gz Patch3: zlib-1.2.3-autotools.patch Patch4: minizip-1.2.3-autotools.patch Patch5: zlib-1.2.3-minizip.patch +Patch6: minizip-1.2.3-malloc.patch URL: http://www.gzip.org/zlib/ License: zlib BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -60,6 +61,7 @@ developing applications which use minizip. %patch3 -p1 -b .autotools %patch4 -p1 -b .autotools2 %patch5 -p1 -b .inc +%patch6 -p1 -b .mal iconv -f windows-1252 -t utf-8 ChangeLog.tmp mv ChangeLog.tmp ChangeLog cp Makefile Makefile.old @@ -152,6 +154,9 @@ rm -rf ${RPM_BUILD_ROOT} %{_libdir}/pkgconfig/minizip.pc %changelog +* Mon Dec 1 2008 Ivana Varekova - 1.2.3-19 +- fix 473490 - unchecked malloc + * Wed Feb 13 2008 Ivana Varekova - 1.2.3-18 - change license tag (226671#c29)