packages/zziplib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2020-18770

Browse Source
This commit is contained in:
licihua 2023-09-28 10:34:50 +08:00
parent 20bbc266a7
commit b6c6fae4e6
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
backport-CVE-2020-18770.patch Normal file
View File

@ -0,0 +1,32 @@
From 99462cac1c6581bce36fe17fd1f430cbe114f0af Mon Sep 17 00:00:00 2001
From: Valentin Lefebvre <valentin.lefebvre@suse.com>
Date: Wed, 20 Sep 2023 12:04:56 +0200
Subject: [PATCH] mmappend.c: pre-check header trailer magic
* Avoid potential ASAN:SIGSEGV invalid memory access by pre-check the header
trailer magic.
* CVE-2020-18770
Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
---
zzip/mmapped.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/zzip/mmapped.c b/zzip/mmapped.c
index 8af18f4..6b178ee 100644
--- a/zzip/mmapped.c
+++ b/zzip/mmapped.c
@@ -269,7 +269,8 @@ zzip_disk_entry_to_file_header(ZZIP_DISK * disk, struct zzip_disk_entry *entry)
return 0;
}
___ struct zzip_file_header *file_header = (void *) ptr;
- if (zzip_file_header_get_magic(file_header) != ZZIP_FILE_HEADER_MAGIC)
+ if (file_header != 'P' || /* quick pre-check for trailer magic */
+ zzip_file_header_get_magic(file_header) != ZZIP_FILE_HEADER_MAGIC)
{
errno = EBADMSG;
return 0;
--
2.40.1

8
zziplib.spec
View File

@ -4,7 +4,7 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool
Name: zziplib Name: zziplib
Version: 0.13.69 Version: 0.13.69
Release: 8 Release: 9
Summary: Lightweight library for zip compression Summary: Lightweight library for zip compression
License: LGPLv2+ or MPLv1.1 License: LGPLv2+ or MPLv1.1
URL: http://zziplib.sourceforge.net URL: http://zziplib.sourceforge.net
@ -21,6 +21,7 @@ Patch6007: backport-0004-CVE-2020-18442.patch
Patch6008: backport-0005-CVE-2020-18442.patch Patch6008: backport-0005-CVE-2020-18442.patch
Patch6009: backport-0006-CVE-2020-18442.patch Patch6009: backport-0006-CVE-2020-18442.patch
Patch6010: backport-0007-CVE-2020-18442.patch Patch6010: backport-0007-CVE-2020-18442.patch
Patch6011: backport-CVE-2020-18770.patch
BuildRequires: perl-interpreter python2 python2-rpm-macros zip xmlto BuildRequires: perl-interpreter python2 python2-rpm-macros zip xmlto
BuildRequires: zlib-devel SDL-devel pkgconfig autoconf automake gcc make BuildRequires: zlib-devel SDL-devel pkgconfig autoconf automake gcc make
@ -66,6 +67,7 @@ This package includes help documentation and manuals related to zziplib.
%patch6008 -p1 %patch6008 -p1
%patch6009 -p1 %patch6009 -p1
%patch6010 -p1 %patch6010 -p1
%patch6011 -p1
find . -name '*.py' | xargs sed -i 's@#! /usr/bin/python@#! %__python2@g;s@#! /usr/bin/env python@#! %__python2@g' find . -name '*.py' | xargs sed -i 's@#! /usr/bin/python@#! %__python2@g;s@#! /usr/bin/env python@#! %__python2@g'
@ -101,6 +103,10 @@ export PYTHON=%__python2
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Thu Sep 28 2023 licihua <licihua@huawei.com> - 0.13.36-9
- fix CVE-2020-18770
* Fri Jun 25 2021 shixuantong <shixuantong@huawei.com> - 0.13.36-8 * Fri Jun 25 2021 shixuantong <shixuantong@huawei.com> - 0.13.36-8
- fix CVE-2020-18442 - fix CVE-2020-18442