From 0bb4e9837efe653fbac32b6a444e6cb58351114c Mon Sep 17 00:00:00 2001 From: André Fabian Silva Delgado Date: Sat, 10 Jan 2015 23:45:32 -0200 Subject: unzip-6.0-9.parabola1: fix FS#43391 -> https://bugs.archlinux.org/task/43391 --- libre/unzip/PKGBUILD | 7 +++++-- libre/unzip/test_compr_eb.patch | 23 +++++++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 libre/unzip/test_compr_eb.patch (limited to 'libre/unzip') diff --git a/libre/unzip/PKGBUILD b/libre/unzip/PKGBUILD index adbf9b116..24915ae62 100644 --- a/libre/unzip/PKGBUILD +++ b/libre/unzip/PKGBUILD @@ -1,4 +1,4 @@ -# $Id: PKGBUILD 228865 2015-01-09 19:38:36Z bisson $ +# $Id: PKGBUILD 228890 2015-01-10 19:27:10Z bisson $ # Maintainer (Arch): Gaetan Bisson # Contributor (Arch): Douglas Soares de Andrade # Contributor (Arch): Robson Peixoto @@ -7,7 +7,7 @@ _pkgname=unzip-libre pkgname=unzip pkgver=6.0 _pkgver=${pkgver/./} -pkgrel=8.parabola1 +pkgrel=9.parabola1 pkgdesc='For extracting and viewing files in .zip archives' url='http://www.info-zip.org/UnZip.html' arch=('i686' 'x86_64' 'mips64el') @@ -18,11 +18,13 @@ replaces=("${_pkgname}") mksource=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" 'match.patch') source=("https://repo.parabola.nu/other/${_pkgname}/${pkgname}${_pkgver}-libre.tar.gz" + 'test_compr_eb.patch' 'getZip64Data.patch' 'crc32.patch') mksha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' '63bb2bb8483088d5975ce17443dd31b0362c08c9') sha1sums=('80808a3b520f8b73ee3a4dc4b5c29411cba43aa2' + '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824' '691d0751bf0bc98cf9f9889dee39baccabefdc4d' '82c9fe9172779a0ee92a187d544e74e8f512b013') @@ -36,6 +38,7 @@ mksource() { prepare() { cd "${srcdir}/${pkgname}${_pkgver}" sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile + patch -i ../test_compr_eb.patch # FS#43391 patch -i ../getZip64Data.patch # FS#43300 patch -i ../crc32.patch # FS#43300 } diff --git a/libre/unzip/test_compr_eb.patch b/libre/unzip/test_compr_eb.patch new file mode 100644 index 000000000..7e8c2976e --- /dev/null +++ b/libre/unzip/test_compr_eb.patch @@ -0,0 +1,23 @@ +--- extract.c 2009-03-14 02:32:52.000000000 +0100 ++++ extract.c 2014-12-05 22:43:13.000000000 +0100 +@@ -2221,10 +2234,17 @@ static int test_compr_eb(__G__ eb, eb_si + if (compr_offset < 4) /* field is not compressed: */ + return PK_OK; /* do nothing and signal OK */ + ++ /* Return no/bad-data error status if any problem is found: ++ * 1. eb_size is too small to hold the uncompressed size ++ * (eb_ucsize). (Else extract eb_ucsize.) ++ * 2. eb_ucsize is zero (invalid). 2014-12-04 SMS. ++ * 3. eb_ucsize is positive, but eb_size is too small to hold ++ * the compressed data header. ++ */ + if ((eb_size < (EB_UCSIZE_P + 4)) || +- ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L && +- eb_size <= (compr_offset + EB_CMPRHEADLEN))) +- return IZ_EF_TRUNC; /* no compressed data! */ ++ ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) || ++ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN)))) ++ return IZ_EF_TRUNC; /* no/bad compressed data! */ + + if ( + #ifdef INT_16BIT -- cgit v1.2.3-54-g00ecf