Attachment #165057 for bug #204413

View | Details | Raw Unified | Return to bug 204413
Collapse All | Expand All

Lines 3-9 Link Here

(-)Makefile (-1 / +1 lines)
3		3
4	PORTNAME= unzip	4	PORTNAME= unzip
5	PORTVERSION= 6.0	5	PORTVERSION= 6.0
6	PORTREVISION= 6	6	PORTREVISION= 7
7	CATEGORIES= archivers	7	CATEGORIES= archivers
8	MASTER_SITES= SF/infozip/UnZip%206.x%20%28latest%29/UnZip%20${PORTVERSION}/:main \	8	MASTER_SITES= SF/infozip/UnZip%206.x%20%28latest%29/UnZip%20${PORTVERSION}/:main \
9	SF/infozip/UnZip%205.x%20and%20earlier/5.51/:unreduce	9	SF/infozip/UnZip%205.x%20and%20earlier/5.51/:unreduce




--- crypt.c.orig	2007-01-05 16:47:36.000000000 +0100
+++ crypt.c	2016-01-04 14:39:27.300502995 +0100
@@ -465,7 +465,17 @@
     GLOBAL(pInfo->encrypted) = FALSE;
     defer_leftover_input(__G);
     for (n = 0; n < RAND_HEAD_LEN; n++) {
-        b = NEXTBYTE;
+        /* 2012-11-23 SMS.  (OUSPG report.)
+         * Quit early if compressed size < HEAD_LEN.  The resulting
+         * error message ("unable to get password") could be improved,
+         * but it's better than trying to read nonexistent data, and
+         * then continuing with a negative G.csize.  (See
+         * fileio.c:readbyte()).
+         */
+        if ((b = NEXTBYTE) == (ush)EOF)
+        {
+            return PK_ERR;
+        }
         h[n] = (uch)b;
         Trace((stdout, " (%02x)", h[n]));
     }




--- extract.c.orig	2009-03-14 02:32:52.000000000 +0100
+++ extract.c	2016-01-04 14:43:11.813488458 +0100
@@ -1,5 +1,5 @@
 /*
-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.

 
   See the accompanying file LICENSE, version 2009-Jan-02 or later
   (the contents of which are also included in unzip.h) for terms of use.
@@ -298,6 +298,8 @@
 #ifndef SFX
    static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
      EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";

    static ZCONST char Far InvalidComprDataEAs[] =
      " invalid compressed data for EAs\n";
 #  if (defined(WIN32) && defined(NTSD_EAS))
@@ -2023,7 +2025,8 @@
         ebID = makeword(ef);
         ebLen = (unsigned)makeword(ef+EB_LEN);
 

            /* Discovered some extra field inconsistency! */
             if (uO.qflag)
                 Info(slide, 1, ((char *)slide, "%-22s ",
@@ -2032,6 +2035,16 @@
               ebLen, (ef_len - EB_HEADSIZE)));
             return PK_ERR;
         }

 
         switch (ebID) {
             case EF_OS2:
@@ -2217,14 +2230,28 @@
     ulg eb_ucsize;
     uch *eb_ucptr;
     int r;

 
     if (
 #ifdef INT_16BIT
@@ -2701,6 +2728,12 @@
     int repeated_buf_err;
     bz_stream bstrm;
 
+    if (G.incnt <= 0 && G.csize <= 0L) {
+        /* avoid an infinite loop */
+        Trace((stderr, "UZbunzip2() got empty input\n"));
+        return 2;
+    }
+
 #if (defined(DLL) && !defined(NO_SLIDE_REDIR))
     if (G.redirect_slide)
         wsize = G.redirect_size, redirSlide = G.redirect_buffer;

Return to bug 204413

Line 0 Link Here

(-)files/patch-crypt.c (+21 lines)
	1	--- crypt.c.orig 2007-01-05 16:47:36.000000000 +0100
	2	+++ crypt.c 2016-01-04 14:39:27.300502995 +0100
	3	@@ -465,7 +465,17 @@
	4	GLOBAL(pInfo->encrypted) = FALSE;
	5	defer_leftover_input(__G);
	6	for (n = 0; n < RAND_HEAD_LEN; n++) {
	7	- b = NEXTBYTE;
	8	+ /* 2012-11-23 SMS. (OUSPG report.)
	9	+ * Quit early if compressed size < HEAD_LEN. The resulting
	10	+ * error message ("unable to get password") could be improved,
	11	+ * but it's better than trying to read nonexistent data, and
	12	+ * then continuing with a negative G.csize. (See
	13	+ * fileio.c:readbyte()).
	14	+ */
	15	+ if ((b = NEXTBYTE) == (ush)EOF)
	16	+ {
	17	+ return PK_ERR;
	18	+ }
	19	h[n] = (uch)b;
	20	Trace((stdout, " (%02x)", h[n]));
	21	}

Lines 1-5 Link Here

(-)files/patch-extract.c (-6 / +19 lines)
1	--- extract.c.orig 2009-03-14 01:32:52 UTC	1	--- extract.c.orig 2009-03-14 02:32:52.000000000 +0100
2	+++ extract.c	2	+++ extract.c 2016-01-04 14:43:11.813488458 +0100
3	@@ -1,5 +1,5 @@	3	@@ -1,5 +1,5 @@
4	/*	4	/*
5	- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.	5	- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
Lines 7-13 Link Here
7		7
8	See the accompanying file LICENSE, version 2009-Jan-02 or later	8	See the accompanying file LICENSE, version 2009-Jan-02 or later
9	(the contents of which are also included in unzip.h) for terms of use.	9	(the contents of which are also included in unzip.h) for terms of use.
10	@@ -298,6 +298,8 @@ char ZCONST Far TruncNTSD[] =	10	@@ -298,6 +298,8 @@
11	#ifndef SFX	11	#ifndef SFX
12	static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \	12	static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
13	EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";	13	EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
Lines 16-22 Link Here
16	static ZCONST char Far InvalidComprDataEAs[] =	16	static ZCONST char Far InvalidComprDataEAs[] =
17	" invalid compressed data for EAs\n";	17	" invalid compressed data for EAs\n";
18	# if (defined(WIN32) && defined(NTSD_EAS))	18	# if (defined(WIN32) && defined(NTSD_EAS))
19	@@ -2023,7 +2025,8 @@ static int TestExtraField(__G__ ef, ef_l	19	@@ -2023,7 +2025,8 @@
20	ebID = makeword(ef);	20	ebID = makeword(ef);
21	ebLen = (unsigned)makeword(ef+EB_LEN);	21	ebLen = (unsigned)makeword(ef+EB_LEN);
22		22
Lines 26-32 Link Here
26	/* Discovered some extra field inconsistency! */	26	/* Discovered some extra field inconsistency! */
27	if (uO.qflag)	27	if (uO.qflag)
28	Info(slide, 1, ((char *)slide, "%-22s ",	28	Info(slide, 1, ((char *)slide, "%-22s ",
29	@@ -2032,6 +2035,16 @@ static int TestExtraField(__G__ ef, ef_l	29	@@ -2032,6 +2035,16 @@
30	ebLen, (ef_len - EB_HEADSIZE)));	30	ebLen, (ef_len - EB_HEADSIZE)));
31	return PK_ERR;	31	return PK_ERR;
32	}	32	}
Lines 43-49 Link Here
43		43
44	switch (ebID) {	44	switch (ebID) {
45	case EF_OS2:	45	case EF_OS2:
46	@@ -2217,14 +2230,28 @@ static int test_compr_eb(__G__ eb, eb_si	46	@@ -2217,14 +2230,28 @@
47	ulg eb_ucsize;	47	ulg eb_ucsize;
48	uch *eb_ucptr;	48	uch *eb_ucptr;
49	int r;	49	int r;
Lines 75-77 Link Here
75		75
76	if (	76	if (
77	#ifdef INT_16BIT	77	#ifdef INT_16BIT
		78	@@ -2701,6 +2728,12 @@
		79	int repeated_buf_err;
		80	bz_stream bstrm;
		81
		82	+ if (G.incnt <= 0 && G.csize <= 0L) {
		83	+ /* avoid an infinite loop */
		84	+ Trace((stderr, "UZbunzip2() got empty input\n"));
		85	+ return 2;
		86	+ }
		87	+
		88	#if (defined(DLL) && !defined(NO_SLIDE_REDIR))
		89	if (G.redirect_slide)
		90	wsize = G.redirect_size, redirSlide = G.redirect_buffer;