guix-devel/gnu/packages/patches/zziplib-CVE-2017-5975.patch

Fix CVE-2017-5975:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5975

Patch copied from Debian.

Index: zziplib-0.13.62/zzip/memdisk.c
===================================================================
--- zziplib-0.13.62.orig/zzip/memdisk.c
+++ zziplib-0.13.62/zzip/memdisk.c
@@ -173,6 +173,8 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
         return 0;               /* errno=ENOMEM; */
     ___ struct zzip_file_header *header =
         zzip_disk_entry_to_file_header(disk, entry);
+    if (!header)
+	{ free(item); return 0; }
     /*  there is a number of duplicated information in the file header
      *  or the disk entry block. Theoretically some part may be missing
      *  that exists in the other, ... but we will prefer the disk entry.
Index: zziplib-0.13.62/zzip/mmapped.c
===================================================================
--- zziplib-0.13.62.orig/zzip/mmapped.c
+++ zziplib-0.13.62/zzip/mmapped.c
@@ -289,6 +289,8 @@ zzip_disk_entry_to_file_header(ZZIP_DISK
         (disk->buffer + zzip_disk_entry_fileoffset(entry));
     if (disk->buffer > file_header || file_header >= disk->endbuf)
         return 0;
+    if (ZZIP_GET32(file_header) != ZZIP_FILE_HEADER_MAGIC)
+        return 0;
     return (struct zzip_file_header *) file_header;
 }
gnu: zziplib: Fix CVE-2017-{5974,5975,5976,5978,5979,5981}. * gnu/packages/patches/zziplib-CVE-2017-5974.patch, gnu/packages/patches/zziplib-CVE-2017-5975.patch, gnu/packages/patches/zziplib-CVE-2017-5976.patch, gnu/packages/patches/zziplib-CVE-2017-5978.patch, gnu/packages/patches/zziplib-CVE-2017-5979.patch, gnu/packages/patches/zziplib-CVE-2017-5981.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/zip.scm (zziplib)[source]: Use them. 2017-06-14 22:34:10 +02:00			`Fix CVE-2017-5975:`

			`https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5975`

			`Patch copied from Debian.`

			`Index: zziplib-0.13.62/zzip/memdisk.c`
			`===================================================================`
			`--- zziplib-0.13.62.orig/zzip/memdisk.c`
			`+++ zziplib-0.13.62/zzip/memdisk.c`
			`@@ -173,6 +173,8 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI`
			`return 0; /* errno=ENOMEM; */`
			`___ struct zzip_file_header *header =`
			`zzip_disk_entry_to_file_header(disk, entry);`
			`+ if (!header)`
			`+ { free(item); return 0; }`
			`/* there is a number of duplicated information in the file header`
			`* or the disk entry block. Theoretically some part may be missing`
			`* that exists in the other, ... but we will prefer the disk entry.`
			`Index: zziplib-0.13.62/zzip/mmapped.c`
			`===================================================================`
			`--- zziplib-0.13.62.orig/zzip/mmapped.c`
			`+++ zziplib-0.13.62/zzip/mmapped.c`
			`@@ -289,6 +289,8 @@ zzip_disk_entry_to_file_header(ZZIP_DISK`
			`(disk->buffer + zzip_disk_entry_fileoffset(entry));`
			`if (disk->buffer > file_header \|\| file_header >= disk->endbuf)`
			`return 0;`
			`+ if (ZZIP_GET32(file_header) != ZZIP_FILE_HEADER_MAGIC)`
			`+ return 0;`
			`return (struct zzip_file_header *) file_header;`
			`}`