Compare commits
No commits in common. "c8" and "c8-beta" have entirely different histories.
|
|
@ -0,0 +1,30 @@
|
|||
From 18c6c043bd7d8f139f30e9c7749013115d5fc5b7 Mon Sep 17 00:00:00 2001
|
||||
From: Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
Date: Wed, 20 Sep 2023 12:04:56 +0200
|
||||
Subject: [PATCH] mmappend.c: Avoid invalid access for header entry
|
||||
|
||||
* zzip_disk_entry_to_file_header checking the pointer by substraction
|
||||
instead of addition where it could lead to an invalid access memory.
|
||||
* CVE-2020-18770
|
||||
|
||||
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
|
||||
---
|
||||
zzip/mmapped.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/zzip/mmapped.c b/zzip/mmapped.c
|
||||
index 2071882..beb094d 100644
|
||||
--- a/zzip/mmapped.c
|
||||
+++ b/zzip/mmapped.c
|
||||
@@ -275,8 +275,9 @@ zzip_disk_entry_to_data(ZZIP_DISK * disk, struct zzip_disk_entry * entry)
|
||||
struct zzip_file_header *
|
||||
zzip_disk_entry_to_file_header(ZZIP_DISK * disk, struct zzip_disk_entry *entry)
|
||||
{
|
||||
- zzip_byte_t *const ptr = disk->buffer + zzip_disk_entry_fileoffset(entry);
|
||||
- if (disk->buffer > ptr || ptr >= disk->endbuf)
|
||||
+ zzip_off_t off = zzip_disk_entry_fileoffset(entry);
|
||||
+ zzip_byte_t *const ptr = disk->buffer + off;
|
||||
+ if (disk->buffer > ptr || disk->buffer >= disk->endbuf - off)
|
||||
{
|
||||
errno = EBADMSG;
|
||||
return 0;
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
Summary: Lightweight library to easily extract data from zip files
|
||||
Name: zziplib
|
||||
Version: 0.13.68
|
||||
Release: 9%{?dist}
|
||||
Release: 12%{?dist}
|
||||
License: LGPLv2+ or MPLv1.1
|
||||
Group: Applications/Archiving
|
||||
URL: http://zziplib.sourceforge.net/
|
||||
|
|
@ -26,6 +26,7 @@ Patch10: CVE-2018-17828.patch
|
|||
Patch11: CVE-2018-17828-singlez.patch
|
||||
|
||||
Patch12: CVE-2020-18442.patch
|
||||
Patch13: CVE-2020-18770.patch
|
||||
|
||||
BuildRequires: perl-interpreter
|
||||
BuildRequires: python3-devel
|
||||
|
|
@ -92,6 +93,7 @@ zziplib library.
|
|||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
|
||||
pathfix.py -i %{__python3} -pn docs
|
||||
|
||||
|
|
@ -101,7 +103,9 @@ export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
|
|||
--disable-static \
|
||||
--enable-sdl \
|
||||
--enable-frame-pointer \
|
||||
--enable-builddir=_builddir
|
||||
--enable-builddir=_builddir \
|
||||
ac_cv_path_PYTHON=%__python3
|
||||
|
||||
# Remove rpath on 64bit archs
|
||||
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' */libtool
|
||||
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool
|
||||
|
|
@ -143,6 +147,18 @@ make install DESTDIR=%{buildroot}
|
|||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Tue Feb 06 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-12
|
||||
- Add the gating tests from the 8.8.0 branch
|
||||
Resolves: RHEL-24429
|
||||
|
||||
* Sat Jan 27 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-11
|
||||
- Use %__python3 macro during the config phase (used for doc generation)
|
||||
Resolves: RHEL-22880
|
||||
|
||||
* Wed Jan 24 2024 Jakub Martisko <jamartis@redhat.com> - 0.13.68-10
|
||||
- Fix CVE-2020-18770
|
||||
Resolves: RHEL-14966
|
||||
|
||||
* Mon Aug 02 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.68-9
|
||||
- Fix CVE-2020-18442
|
||||
- Resolves: CVE-2020-18442
|
||||
|
|
|
|||
Loading…
Reference in New Issue