zziplib/CVE-2018-7727.patch

139 lines
4.1 KiB
Diff

From 83a2da55922f67e07f22048ac9671a44cc0d35c4 Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Wed, 14 Mar 2018 07:50:44 +0100
Subject: [PATCH] ensure disk_close to avoid mem-leak #40
---
bins/unzzipcat-mem.c | 57 +++++++++++++++++++++++++++-------------------------
bins/unzzipdir-mem.c | 10 ++++-----
2 files changed, 34 insertions(+), 33 deletions(-)
diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
index d13029c..9bc966b 100644
--- a/bins/unzzipcat-mem.c
+++ b/bins/unzzipcat-mem.c
@@ -89,7 +89,7 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
static int unzzip_cat (int argc, char ** argv, int extract)
{
- int done;
+ int done = 0;
int argn;
ZZIP_MEM_DISK* disk;
@@ -116,47 +116,50 @@ static int unzzip_cat (int argc, char ** argv, int extract)
FILE* out = stdout;
if (extract) out = create_fopen(name, "w", 1);
if (! out) {
- if (errno != EISDIR) done = EXIT_ERRORS;
+ if (errno != EISDIR) {
+ DBG3("can not open output file %i %s", errno, strerror(errno));
+ done = EXIT_ERRORS;
+ }
continue;
}
unzzip_mem_disk_cat_file (disk, name, out);
if (extract) fclose(out);
}
- return done;
- }
-
- if (argc == 3 && !extract)
+ }
+ else if (argc == 3 && !extract)
{ /* list from one spec */
ZZIP_MEM_ENTRY* entry = 0;
while ((entry = zzip_mem_disk_findmatch(disk, argv[2], entry, 0, 0)))
{
unzzip_mem_entry_fprint (disk, entry, stdout);
}
-
- return 0;
- }
-
- for (argn=1; argn < argc; argn++)
- { /* list only the matching entries - each in order of commandline */
- ZZIP_MEM_ENTRY* entry = zzip_mem_disk_findfirst(disk);
- for (; entry ; entry = zzip_mem_disk_findnext(disk, entry))
- {
- char* name = zzip_mem_entry_to_name (entry);
- if (! _zzip_fnmatch (argv[argn], name,
- FNM_NOESCAPE|FNM_PATHNAME|FNM_PERIOD))
+ } else {
+ for (argn=1; argn < argc; argn++)
+ { /* list only the matching entries - each in order of commandline */
+ ZZIP_MEM_ENTRY* entry = zzip_mem_disk_findfirst(disk);
+ for (; entry ; entry = zzip_mem_disk_findnext(disk, entry))
{
- FILE* out = stdout;
- if (extract) out = create_fopen(name, "w", 1);
- if (! out) {
- if (errno != EISDIR) done = EXIT_ERRORS;
- continue;
- }
- unzzip_mem_disk_cat_file (disk, name, out);
- if (extract) fclose(out);
- break; /* match loop */
+ char* name = zzip_mem_entry_to_name (entry);
+ if (! _zzip_fnmatch (argv[argn], name,
+ FNM_NOESCAPE|FNM_PATHNAME|FNM_PERIOD))
+ {
+ FILE* out = stdout;
+ if (extract) out = create_fopen(name, "wb", 1);
+ if (! out) {
+ if (errno != EISDIR) {
+ DBG3("can not open output file %i %s", errno, strerror(errno));
+ done = EXIT_ERRORS;
+ }
+ continue;
+ }
+ unzzip_mem_disk_cat_file (disk, name, out);
+ if (extract) fclose(out);
+ break; /* match loop */
+ }
}
}
}
+ zzip_mem_disk_close(disk);
return done;
}
diff --git a/bins/unzzipdir-mem.c b/bins/unzzipdir-mem.c
index e54cd8d..beca788 100644
--- a/bins/unzzipdir-mem.c
+++ b/bins/unzzipdir-mem.c
@@ -68,10 +68,8 @@ unzzip_list (int argc, char ** argv, int verbose)
printf ("%lli/%lli %s %s\n", csize, usize, defl, name);
}
}
- return 0;
}
-
- if (argc == 3)
+ else if (argc == 3)
{ /* list from one spec */
ZZIP_MEM_ENTRY* entry = 0;
while ((entry = zzip_mem_disk_findmatch(disk, argv[2], entry, 0, 0)))
@@ -89,9 +87,8 @@ unzzip_list (int argc, char ** argv, int verbose)
printf ("%lli/%lli %s %s\n", csize, usize, defl, name);
}
}
- return 0;
}
-
+ else
{ /* list only the matching entries - in order of zip directory */
ZZIP_MEM_ENTRY* entry = zzip_mem_disk_findfirst(disk);
for (; entry ; entry = zzip_mem_disk_findnext(disk, entry))
@@ -118,8 +115,9 @@ unzzip_list (int argc, char ** argv, int verbose)
}
}
}
- return 0;
}
+ zzip_mem_disk_close(disk);
+ return EXIT_OK;
}
int