fix CVE-2021-4217
(cherry picked from commit b0df769e2aef6dac9215ca4100965b7708c1ce10)
This commit is contained in:
dongyuzhen
openeuler-sync-bot
parent
5e6f3e7304
commit
6efda96b62
39
backport-CVE-2021-4217.patch
Normal file
39
backport-CVE-2021-4217.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From 731d698377dbd1f5b1b90efeb8094602ed59fc40 Mon Sep 17 00:00:00 2001
|
||||
From: Nils Bars <nils.bars@t-online.de>
|
||||
Date: Mon, 17 Jan 2022 16:53:16 +0000
|
||||
Subject: [PATCH] Fix null pointer dereference and use of uninitialized data
|
||||
|
||||
This fixes a bug that causes use of uninitialized heap data if `readbuf` fails
|
||||
to read as many bytes as indicated by the extra field length attribute.
|
||||
Furthermore, this fixes a null pointer dereference if an archive contains an
|
||||
`EF_UNIPATH` extra field but does not have a filename set.
|
||||
|
||||
Reference:https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077
|
||||
Conflict: fileio.c file not change.
|
||||
---
|
||||
process.c | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/process.c b/process.c
|
||||
index abe938b..f573ee4 100644
|
||||
--- a/process.c
|
||||
+++ b/process.c
|
||||
@@ -2060,10 +2060,14 @@ int getUnicodeData(__G__ ef_buf, ef_len)
|
||||
G.unipath_checksum = makelong(offset + ef_buf);
|
||||
offset += 4;
|
||||
|
||||
+ if (!G.filename_full) {
|
||||
+ /* Check if we have a unicode extra section but no filename set */
|
||||
+ return PK_ERR;
|
||||
+ }
|
||||
+
|
||||
/*
|
||||
* Compute 32-bit crc
|
||||
*/
|
||||
-
|
||||
chksum = crc32(chksum, (uch *)(G.filename_full),
|
||||
strlen(G.filename_full));
|
||||
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: unzip
|
||||
Version: 6.0
|
||||
Release: 46
|
||||
Release: 47
|
||||
Summary: A utility for unpacking zip files
|
||||
License: BSD
|
||||
URL: http://www.info-zip.org/UnZip.html
|
||||
@ -34,6 +34,7 @@ Patch6000: CVE-2018-18384.patch
|
||||
Patch6001: CVE-2019-13232-pre.patch
|
||||
Patch6002: CVE-2019-13232.patch
|
||||
Patch6003: CVE-2019-13232-fur1.patch
|
||||
Patch6004: backport-CVE-2021-4217.patch
|
||||
Patch9000: CVE-2019-13232-fur2.patch
|
||||
Patch9001: CVE-2022-0530.patch
|
||||
Patch9002: CVE-2022-0529.patch
|
||||
@ -71,6 +72,9 @@ Package help includes man pages for unzip.
|
||||
%{_mandir}/man1/*
|
||||
|
||||
%changelog
|
||||
* Tue Sep 6 2022 dongyuzhen <dongyuzhen@h-partners.com> - 6.0-47
|
||||
- fix CVE-2021-4217
|
||||
|
||||
* Wed Feb 23 2022 tianwei <tianwei@h-partners.com> - 6.0-46
|
||||
- fix CVE-2022-0529 CVE-2022-0530
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user