From 01849a148f7c2485d7eaf6d5da7077f336e36446 Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Sat, 10 Jan 2015 10:14:50 -0200 Subject: unzip-6.0-8.parabola1: fix FS#43300 -> https://bugs.archlinux.org/task/43300 --- libre/unzip/PKGBUILD | 27 ++++++--- libre/unzip/crc32.patch | 45 ++++++++++++++ libre/unzip/getZip64Data.patch | 133 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 197 insertions(+), 8 deletions(-) create mode 100644 libre/unzip/crc32.patch create mode 100644 libre/unzip/getZip64Data.patch diff --git a/libre/unzip/PKGBUILD b/libre/unzip/PKGBUILD index e65d23aaf..adbf9b116 100644 --- a/libre/unzip/PKGBUILD +++ b/libre/unzip/PKGBUILD @@ -1,5 +1,5 @@ -# $Id: PKGBUILD 215748 2014-06-30 11:29:59Z bisson $ -# Maintainer (Arch): +# $Id: PKGBUILD 228865 2015-01-09 19:38:36Z bisson $ +# Maintainer (Arch): Gaetan Bisson # Contributor (Arch): Douglas Soares de Andrade # Contributor (Arch): Robson Peixoto @@ -7,7 +7,7 @@ _pkgname=unzip-libre pkgname=unzip pkgver=6.0 _pkgver=${pkgver/./} -pkgrel=7.parabola1 +pkgrel=8.parabola1 pkgdesc='For extracting and viewing files in .zip archives' url='http://www.info-zip.org/UnZip.html' arch=('i686' 'x86_64' 'mips64el') @@ -17,10 +17,14 @@ conflicts=("${_pkgname}") replaces=("${_pkgname}") mksource=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" 'match.patch') -source=("https://repo.parabola.nu/other/${_pkgname}/${pkgname}${_pkgver}-libre.tar.gz") -mkmd5sums=('62b490407489521db863b523a7f86375' - 'e6d9f0c204c2abe6a57dc5e1637d5140') -md5sums=('bbe4b7f4d48b2f939b5e43fde0ac7762') +source=("https://repo.parabola.nu/other/${_pkgname}/${pkgname}${_pkgver}-libre.tar.gz" + 'getZip64Data.patch' + 'crc32.patch') +mksha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' + '63bb2bb8483088d5975ce17443dd31b0362c08c9') +sha1sums=('80808a3b520f8b73ee3a4dc4b5c29411cba43aa2' + '691d0751bf0bc98cf9f9889dee39baccabefdc4d' + '82c9fe9172779a0ee92a187d544e74e8f512b013') mksource() { cd "${srcdir}/${pkgname}${_pkgver}" @@ -29,6 +33,13 @@ mksource() { patch -Np0 -i ${srcdir}/match.patch } +prepare() { + cd "${srcdir}/${pkgname}${_pkgver}" + sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile + patch -i ../getZip64Data.patch # FS#43300 + patch -i ../crc32.patch # FS#43300 +} + build() { cd "${srcdir}/${pkgname}${_pkgver}" @@ -43,7 +54,7 @@ build() { unzips } -package(){ +package() { cd "${srcdir}/${pkgname}${_pkgver}" make -f unix/Makefile prefix="${pkgdir}"/usr install install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" diff --git a/libre/unzip/crc32.patch b/libre/unzip/crc32.patch new file mode 100644 index 000000000..43b29d783 --- /dev/null +++ b/libre/unzip/crc32.patch @@ -0,0 +1,45 @@ +--- unzip60/extract.c 2010-04-03 14:41:55 -0500 ++++ unzip60/extract.c 2014-12-03 15:33:35 -0600 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -298,6 +298,8 @@ + #ifndef SFX + static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ + EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; ++ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \ ++ EF block length (%u bytes) invalid (< %d)\n"; + static ZCONST char Far InvalidComprDataEAs[] = + " invalid compressed data for EAs\n"; + # if (defined(WIN32) && defined(NTSD_EAS)) +@@ -2023,7 +2025,8 @@ + ebID = makeword(ef); + ebLen = (unsigned)makeword(ef+EB_LEN); + +- if (ebLen > (ef_len - EB_HEADSIZE)) { ++ if (ebLen > (ef_len - EB_HEADSIZE)) ++ { + /* Discovered some extra field inconsistency! */ + if (uO.qflag) + Info(slide, 1, ((char *)slide, "%-22s ", +@@ -2032,6 +2035,16 @@ + ebLen, (ef_len - EB_HEADSIZE))); + return PK_ERR; + } ++ else if (ebLen < EB_HEADSIZE) ++ { ++ /* Extra block length smaller than header length. */ ++ if (uO.qflag) ++ Info(slide, 1, ((char *)slide, "%-22s ", ++ FnFilter1(G.filename))); ++ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength), ++ ebLen, EB_HEADSIZE)); ++ return PK_ERR; ++ } + + switch (ebID) { + case EF_OS2: diff --git a/libre/unzip/getZip64Data.patch b/libre/unzip/getZip64Data.patch new file mode 100644 index 000000000..1684c7391 --- /dev/null +++ b/libre/unzip/getZip64Data.patch @@ -0,0 +1,133 @@ +--- process.c 2009-03-06 02:25:10.000000000 +0100 ++++ process.c 2014-12-05 22:42:39.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len) + and a 4-byte version of disk start number. + Sets both local header and central header fields. Not terribly clever, + but it means that this procedure is only called in one place. ++ ++ 2014-12-05 SMS. ++ Added checks to ensure that enough data are available before calling ++ makeint64() or makelong(). Replaced various sizeof() values with ++ simple ("4" or "8") constants. (The Zip64 structures do not depend ++ on our variable sizes.) Error handling is crude, but we should now ++ stay within the buffer. + ---------------------------------------------------------------------------*/ + ++#define Z64FLGS 0xffff ++#define Z64FLGL 0xffffffff ++ + if (ef_len == 0 || ef_buf == NULL) + return PK_COOL; + + Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n", + ef_len)); + +- while (ef_len >= EB_HEADSIZE) { ++ while (ef_len >= EB_HEADSIZE) ++ { + eb_id = makeword(EB_ID + ef_buf); + eb_len = makeword(EB_LEN + ef_buf); + +- if (eb_len > (ef_len - EB_HEADSIZE)) { +- /* discovered some extra field inconsistency! */ ++ if (eb_len > (ef_len - EB_HEADSIZE)) ++ { ++ /* Extra block length exceeds remaining extra field length. */ + Trace((stderr, + "getZip64Data: block length %u > rest ef_size %u\n", eb_len, + ef_len - EB_HEADSIZE)); + break; + } +- if (eb_id == EF_PKSZ64) { +- ++ if (eb_id == EF_PKSZ64) ++ { + int offset = EB_HEADSIZE; + +- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){ +- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.ucsize); ++ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){ +- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.csize); ++ ++ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.relative_offset_local_header == 0xffffffff){ ++ ++ if (G.crec.relative_offset_local_header == Z64FLGL) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ + G.crec.relative_offset_local_header = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.relative_offset_local_header); ++ offset += 8; + } +- if (G.crec.disk_number_start == 0xffff){ ++ ++ if (G.crec.disk_number_start == Z64FLGS) ++ { ++ if (offset+ 4 > ef_len) ++ return PK_ERR; ++ + G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf); +- offset += sizeof(G.crec.disk_number_start); ++ offset += 4; + } ++#if 0 ++ break; /* Expect only one EF_PKSZ64 block. */ ++#endif /* 0 */ + } + +- /* Skip this extra field block */ ++ /* Skip this extra field block. */ + ef_buf += (eb_len + EB_HEADSIZE); + ef_len -= (eb_len + EB_HEADSIZE); + } +--- fileio.c 2009-04-20 02:03:44.000000000 +0200 ++++ fileio.c 2014-12-05 22:44:16.000000000 +0100 +@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr + #endif + static ZCONST char Far ExtraFieldTooLong[] = + "warning: extra field too long (%d). Ignoring...\n"; ++static ZCONST char Far ExtraFieldCorrupt[] = ++ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n"; + + #ifdef WINDLL + static ZCONST char Far DiskFullQuery[] = +@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option) /* + if (readbuf(__G__ (char *)G.extra_field, length) == 0) + return PK_EOF; + /* Looks like here is where extra fields are read */ +- getZip64Data(__G__ G.extra_field, length); ++ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) ++ { ++ Info(slide, 0x401, ((char *)slide, ++ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64)); ++ error = PK_WARN; ++ } + #ifdef UNICODE_SUPPORT + G.unipath_filename = NULL; + if (G.UzO.U_flag < 2) { -- cgit v1.2.3-54-g00ecf