[Midnightbsd-cvs] mports [20926] trunk/archivers/unzip: Security patch unzip
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Feb 1 16:07:05 EST 2016
Revision: 20926
http://svnweb.midnightbsd.org/mports/?rev=20926
Author: laffer1
Date: 2016-02-01 16:07:04 -0500 (Mon, 01 Feb 2016)
Log Message:
-----------
Security patch unzip
Topic: unzip -- out of boundary access issues in test_compr_eb
Affects:
unzip < 6.0_4
References:
cvename:CVE-2014-9636
url:http://www.ubuntu.com/usn/usn-2489-1/
url:http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-9636.html
url:http://seclists.org/oss-sec/2014/q4/489
url:http://www.info-zip.org/phpBB3/viewtopic.php?f=7&t=450
<URL:http://vuxml.freebsd.org/e543c6f8-abf2-11e4-8ac7-d050992ecde8.html>
Modified Paths:
--------------
trunk/archivers/unzip/Makefile
trunk/archivers/unzip/files/patch-extract.c
Added Paths:
-----------
trunk/archivers/unzip/files/patch-crypt.c
Modified: trunk/archivers/unzip/Makefile
===================================================================
--- trunk/archivers/unzip/Makefile 2016-02-01 21:01:47 UTC (rev 20925)
+++ trunk/archivers/unzip/Makefile 2016-02-01 21:07:04 UTC (rev 20926)
@@ -2,7 +2,7 @@
PORTNAME= unzip
PORTVERSION= 6.0
-PORTREVISION= 3
+PORTREVISION= 7
CATEGORIES= archivers
MASTER_SITES= SF/infozip/UnZip%206.x%20%28latest%29/UnZip%20${PORTVERSION}/:main \
SF/infozip/UnZip%205.x%20and%20earlier/5.51/:unreduce
@@ -14,18 +14,14 @@
LICENSE= infozip
+USES= cpe
+CPE_VENDOR= info-zip
ALL_TARGET= bsd
-
MAKEFILE= unix/Makefile
MAKE_ARGS= LF2="${STRIP}"
-.if defined(INSTALL_AS_INFOUNZIP)
-UNZIP_NAME= info-unzip
-.else
-UNZIP_NAME= unzip
-.endif
PORTDOCS= README WHERE
-MANPAGES= ${UNZIP_NAME}.1 funzip.1 unzipsfx.1 zipgrep.1 zipinfo.1
-PLIST_FILES= bin/${UNZIP_NAME} bin/funzip bin/unzipsfx bin/zipgrep \
+MANPAGES= unzip.1 funzip.1 unzipsfx.1 zipgrep.1 zipinfo.1
+PLIST_FILES= bin/unzip bin/funzip bin/unzipsfx bin/zipgrep \
bin/zipinfo
PLIST_FILES+= ${MANPAGES:C|^(.*)\.([1-9])$|man/man\2/\1.\2.gz|}
@@ -85,22 +81,15 @@
EXTRA_PATCHES+= ${FILESDIR}/extra-ru-patch-ebcdic.h
.endif
-.if !defined(INSTALL_AS_INFOUNZIP)
-pre-fetch:
- @${ECHO} ""
- @${ECHO} "Use INSTALL_AS_INFOUNZIP=yes to install Info Unzip as ${PREFIX}/bin/info-unzip"
- @${ECHO} ""
-.endif
-
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/unzip \
- ${STAGEDIR}${PREFIX}/bin/${UNZIP_NAME}
+ ${PREFIX}/bin
cd ${WRKSRC} && \
${INSTALL_PROGRAM} funzip unzipsfx ${STAGEDIR}${PREFIX}/bin
- ${LN} -sf ${UNZIP_NAME} ${STAGEDIR}${PREFIX}/bin/zipinfo
+ ${LN} -sf unzip ${PREFIX}/bin/zipinfo
${INSTALL_SCRIPT} ${WRKSRC}/unix/zipgrep ${STAGEDIR}${PREFIX}/bin
${INSTALL_MAN} ${WRKSRC}/man/unzip.1 \
- ${STAGEDIR}${MAN1PREFIX}/man/man1/${UNZIP_NAME}.1
+ ${MAN1PREFIX}/man/man1
cd ${WRKSRC}/man && ${INSTALL_MAN} ${MANPAGES:Nunzip.1:Ninfo-unzip.1} \
${STAGEDIR}${MAN1PREFIX}/man/man1
@${MKDIR} ${STAGEDIR}${DOCSDIR}
Added: trunk/archivers/unzip/files/patch-crypt.c
===================================================================
--- trunk/archivers/unzip/files/patch-crypt.c (rev 0)
+++ trunk/archivers/unzip/files/patch-crypt.c 2016-02-01 21:07:04 UTC (rev 20926)
@@ -0,0 +1,21 @@
+--- crypt.c.orig 2007-01-05 16:47:36.000000000 +0100
++++ crypt.c 2016-01-04 14:39:27.300502995 +0100
+@@ -465,7 +465,17 @@
+ GLOBAL(pInfo->encrypted) = FALSE;
+ defer_leftover_input(__G);
+ for (n = 0; n < RAND_HEAD_LEN; n++) {
+- b = NEXTBYTE;
++ /* 2012-11-23 SMS. (OUSPG report.)
++ * Quit early if compressed size < HEAD_LEN. The resulting
++ * error message ("unable to get password") could be improved,
++ * but it's better than trying to read nonexistent data, and
++ * then continuing with a negative G.csize. (See
++ * fileio.c:readbyte()).
++ */
++ if ((b = NEXTBYTE) == (ush)EOF)
++ {
++ return PK_ERR;
++ }
+ h[n] = (uch)b;
+ Trace((stdout, " (%02x)", h[n]));
+ }
Property changes on: trunk/archivers/unzip/files/patch-crypt.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Modified: trunk/archivers/unzip/files/patch-extract.c
===================================================================
--- trunk/archivers/unzip/files/patch-extract.c 2016-02-01 21:01:47 UTC (rev 20925)
+++ trunk/archivers/unzip/files/patch-extract.c 2016-02-01 21:07:04 UTC (rev 20926)
@@ -1,5 +1,5 @@
---- extract.c.orig 2009-03-14 01:32:52 UTC
-+++ extract.c
+--- extract.c.orig 2009-03-14 02:32:52.000000000 +0100
++++ extract.c 2016-01-04 14:43:11.813488458 +0100
@@ -1,5 +1,5 @@
/*
- Copyright (c) 1990-2009 Info-ZIP. All rights reserved.
@@ -7,7 +7,7 @@
See the accompanying file LICENSE, version 2009-Jan-02 or later
(the contents of which are also included in unzip.h) for terms of use.
-@@ -298,6 +298,8 @@ char ZCONST Far TruncNTSD[] =
+@@ -298,6 +298,8 @@
#ifndef SFX
static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
@@ -16,7 +16,7 @@
static ZCONST char Far InvalidComprDataEAs[] =
" invalid compressed data for EAs\n";
# if (defined(WIN32) && defined(NTSD_EAS))
-@@ -2023,7 +2025,8 @@ static int TestExtraField(__G__ ef, ef_l
+@@ -2023,7 +2025,8 @@
ebID = makeword(ef);
ebLen = (unsigned)makeword(ef+EB_LEN);
@@ -26,7 +26,7 @@
/* Discovered some extra field inconsistency! */
if (uO.qflag)
Info(slide, 1, ((char *)slide, "%-22s ",
-@@ -2032,6 +2035,16 @@ static int TestExtraField(__G__ ef, ef_l
+@@ -2032,6 +2035,16 @@
ebLen, (ef_len - EB_HEADSIZE)));
return PK_ERR;
}
@@ -43,7 +43,7 @@
switch (ebID) {
case EF_OS2:
-@@ -2217,14 +2230,28 @@ static int test_compr_eb(__G__ eb, eb_si
+@@ -2217,14 +2230,28 @@
ulg eb_ucsize;
uch *eb_ucptr;
int r;
@@ -75,3 +75,16 @@
if (
#ifdef INT_16BIT
+@@ -2701,6 +2728,12 @@
+ int repeated_buf_err;
+ bz_stream bstrm;
+
++ if (G.incnt <= 0 && G.csize <= 0L) {
++ /* avoid an infinite loop */
++ Trace((stderr, "UZbunzip2() got empty input\n"));
++ return 2;
++ }
++
+ #if (defined(DLL) && !defined(NO_SLIDE_REDIR))
+ if (G.redirect_slide)
+ wsize = G.redirect_size, redirSlide = G.redirect_buffer;
More information about the Midnightbsd-cvs
mailing list