main/unzip: fix various CVEs

- CVE-2014-8139 - CVE-2014-8140 - CVE-2014-8141 - CVE-2014-9636 - CVE-2014-9913 - CVE-2016-9844 - CVE-2018-1000035 fixes #9289
author: Natanael Copa <ncopa@alpinelinux.org> 2018-08-20 12:24:29 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2018-08-22 10:37:44 +0200
commit: 1a9d4e34862869cd3a82d1ce5c75be04b144229a (patch)
tree: e7d4181a1a0ba8cc679b40d059d0f9fd9850c606 /main/unzip
parent: d510fa929a7f6ede654295930273de33fd0e9b15 (diff)
download: aports-1a9d4e34862869cd3a82d1ce5c75be04b144229a.tar.bz2
aports-1a9d4e34862869cd3a82d1ce5c75be04b144229a.tar.xz
8 files changed, 401 insertions, 12 deletions
diff --git a/main/unzip/APKBUILD b/main/unzip/APKBUILD
index 909e337f38..88e1929de6 100644
--- a/main/unzip/APKBUILD
+++ b/main/unzip/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Timo Teräs <timo.teras@iki.fi>
 pkgname=unzip
 pkgver=6.0
-pkgrel=2
+pkgrel=3
 pkgdesc="Extract PKZIP-compatible .zip files"
 url="http://www.info-zip.org/UnZip.html"
 arch="all"
@@ -11,13 +11,33 @@ depends=""
 makedepends=""
 subpackages="$pkgname-doc"
 # normally 	ftp://ftp.info-zip.org/pub/infozip/src/${pkgname}60.zip
-source="http://distfiles.alpinelinux.org/distfiles/${pkgname}60.zip
+source="https://dev.alpinelinux.org/archive/unzip/$pkgname${pkgver/./}.tgz
 	10-unzip-handle-pkware-verify.patch
 	20-unzip-uidgid-fix.patch
 	unzip-6.0-heap-overflow-infloop.patch
+	CVE-2014-8140.patch
+	CVE-2014-8141.patch
+	CVE-2014-9636.patch
+	CVE-2014-9913.patch
+	CVE-2016-9844.patch
+	CVE-2018-1000035.patch
+	fix-CVE-2014-8139.patch
 	"
 
 builddir="$srcdir"/${pkgname}60
+# secfixes:
+#   6.0-r3:
+#   - CVE-2014-8139
+#   - CVE-2014-8140
+#   - CVE-2014-8141
+#   - CVE-2014-9636
+#   - CVE-2014-9913
+#   - CVE-2016-9844
+#   - CVE-2018-1000035
+#   6.0-r1:
+#   - CVE-2015-7696
+#   - CVE-2015-7697
+
 build() {
 	cd "$builddir"
 	make -f unix/Makefile \
@@ -34,15 +54,14 @@ package() {
 		"$pkgdir"/usr/share/licenses/$pkgname/LICENSE
 }
 
-md5sums="85da5203f01ab0b9403efef3b9bb4010  unzip60.zip
-b860a1557b48b2c3fa52541f9260ed72  10-unzip-handle-pkware-verify.patch
-3de9dee957cb83615cdcb165375d00bd  20-unzip-uidgid-fix.patch
-4ff9673cf8337e80220e46c7eb95ac61  unzip-6.0-heap-overflow-infloop.patch"
-sha256sums="2bc3e70d412447595ac3bed58c1c1fdae289d9a652e55fd0eaadddfe111aa9e4  unzip60.zip
-6829ce345b66d081cb1b8b5be37f092836fbcb71819594e45218fc03d8e80754  10-unzip-handle-pkware-verify.patch
-3650b53a49742d7ffb2c7d5db2ef1cdeaf3d34d21daa976dc7024ceb605a9dee  20-unzip-uidgid-fix.patch
-1a12fe030bb1127f54362c7023995d4b01528ef4f2d068497d390877d15aafea  unzip-6.0-heap-overflow-infloop.patch"
-sha512sums="4a455d45b2c33bc28cab74b82d13f2f1bc5f4a2c45de125345181d2e712079727e825d25e5b7765f9f9c16b7746cd5342897dc8502cb55b8a9f2329b138a1614  unzip60.zip
+sha512sums="0694e403ebc57b37218e00ec1a406cae5cc9c5b52b6798e0d4590840b6cdbf9ddc0d9471f67af783e960f8fa2e620394d51384257dca23d06bcd90224a80ce5d  unzip60.tgz
 9d2914f22fb0075a2b6f72825c235f46eafd8d47b6fb6fcc8303fc69336e256b15923c002d2615bb6af733344c2315e4a8504d77bae301e10c11d4736faa2c81  10-unzip-handle-pkware-verify.patch
 57699582e9056af0817dcb67f8db67e6a1ff8208c137fbebcf559429e5f12b471b75d7e1ef938e5bbb5416074a51ac7342e4ce8057f4bbdcb0bf079b8d7832af  20-unzip-uidgid-fix.patch
-b1e3fac6a787828efaaef8ec7cc52e1573aea27a6f29830af37ec4ba8bcd2a6488c953ab10eee0561c78e82c7401833ef172bebee793405d93632ce788756301  unzip-6.0-heap-overflow-infloop.patch"
+b1e3fac6a787828efaaef8ec7cc52e1573aea27a6f29830af37ec4ba8bcd2a6488c953ab10eee0561c78e82c7401833ef172bebee793405d93632ce788756301  unzip-6.0-heap-overflow-infloop.patch
+028a97e781fb4e277df331fd40b848bbc002f1a5ceeb40e74477cf68d2f063ac2623e24afbeddfa0456940ecc7694fdb66ecd031cbcecad63079e8427fb731c9  CVE-2014-8140.patch
+3dd21343d6e5ae7d19f2b2f9cf7310eac38dd7f598e1265e247559a48143c9dbffabd9fc0d7aff6d859ec9e646e85c2b7ee00a1b1a2e23bdf96192c22c58b058  CVE-2014-8141.patch
+281c524a9adb1c0f1cb861548d96115f55152c1d76adca34bbaabcca410c5aaf5dd53d99360d7ea8ee9d0ab9eb62031cb40c5de4b5ecfd91535ac178cd3e7098  CVE-2014-9636.patch
+9a62286acdbd5bf5f679d813017b93c25bdb06edaf48b2b53d3281ce3c30587158a777b07457c574d72350499f786dac6b4493092d7e08c17c07cb65ecc513b6  CVE-2014-9913.patch
+8c4a4313072ff0d87eadb0f5472eb48f2802b835dd282305811a96de87a41fed48be60fbdd434e6b6359418f0559f7793deaa1d68161a0c0ead9f8574bb9f14c  CVE-2016-9844.patch
+6f757385a23fe6a034f676df6bf233243afa8743761e3d715e532d066fcd7dc8f8dcd6192be693258f3855837e5534490784378768abe7ce710fb869258d49b7  CVE-2018-1000035.patch
+13f9c54fcdde478c4afe391c8e7ef9c31b03228aaace5da38382612951cbfd60710fd3d931569297953be32b2c5906715aed4b1c05e28cc8fccbb27f38b57550  fix-CVE-2014-8139.patch"
diff --git a/main/unzip/CVE-2014-8140.patch b/main/unzip/CVE-2014-8140.patch
new file mode 100644
index 0000000000..81b96b8df7
--- /dev/null
+++ b/main/unzip/CVE-2014-8140.patch
@@ -0,0 +1,26 @@
+From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=969621&action=diff
+(unzip60/ path prefix added)
+
+--- unzip60/extract.c	2009-03-14 02:32:52.000000000 +0100
++++ unzip60/extract.c	2014-12-05 22:43:13.000000000 +0100
+@@ -2221,10 +2234,17 @@ static int test_compr_eb(__G__ eb, eb_si
+     if (compr_offset < 4)                /* field is not compressed: */
+         return PK_OK;                    /* do nothing and signal OK */
+ 
++    /* Return no/bad-data error status if any problem is found:
++     *    1. eb_size is too small to hold the uncompressed size
++     *       (eb_ucsize).  (Else extract eb_ucsize.)
++     *    2. eb_ucsize is zero (invalid).  2014-12-04 SMS.
++     *    3. eb_ucsize is positive, but eb_size is too small to hold
++     *       the compressed data header.
++     */
+     if ((eb_size < (EB_UCSIZE_P + 4)) ||
+-        ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L &&
+-         eb_size <= (compr_offset + EB_CMPRHEADLEN)))
+-        return IZ_EF_TRUNC;               /* no compressed data! */
++     ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) ||
++     ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
++        return IZ_EF_TRUNC;             /* no/bad compressed data! */
+ 
+     if (
+ #ifdef INT_16BIT
diff --git a/main/unzip/CVE-2014-8141.patch b/main/unzip/CVE-2014-8141.patch
new file mode 100644
index 0000000000..11007195b1
--- /dev/null
+++ b/main/unzip/CVE-2014-8141.patch
@@ -0,0 +1,136 @@
+From RedHat: https://bugzilla.redhat.com/attachment.cgi?id=969625&action=diff
+(unzip60/ path prefix added)
+
+--- unzip60/process.c	2009-03-06 02:25:10.000000000 +0100
++++ unzip60/process.c	2014-12-05 22:42:39.000000000 +0100
+@@ -1,5 +1,5 @@ 
+ /*
+-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
++  Copyright (c) 1990-2014 Info-ZIP.  All rights reserved.
+ 
+   See the accompanying file LICENSE, version 2009-Jan-02 or later
+   (the contents of which are also included in unzip.h) for terms of use.
+@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len)
+     and a 4-byte version of disk start number.
+     Sets both local header and central header fields.  Not terribly clever,
+     but it means that this procedure is only called in one place.
++
++    2014-12-05 SMS.
++    Added checks to ensure that enough data are available before calling
++    makeint64() or makelong().  Replaced various sizeof() values with
++    simple ("4" or "8") constants.  (The Zip64 structures do not depend
++    on our variable sizes.)  Error handling is crude, but we should now
++    stay within the buffer.
+   ---------------------------------------------------------------------------*/
+ 
++#define Z64FLGS 0xffff
++#define Z64FLGL 0xffffffff
++
+     if (ef_len == 0 || ef_buf == NULL)
+         return PK_COOL;
+ 
+     Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n",
+       ef_len));
+ 
+-    while (ef_len >= EB_HEADSIZE) {
++    while (ef_len >= EB_HEADSIZE)
++    {
+         eb_id = makeword(EB_ID + ef_buf);
+         eb_len = makeword(EB_LEN + ef_buf);
+ 
+-        if (eb_len > (ef_len - EB_HEADSIZE)) {
+-            /* discovered some extra field inconsistency! */
++        if (eb_len > (ef_len - EB_HEADSIZE))
++        {
++            /* Extra block length exceeds remaining extra field length. */
+             Trace((stderr,
+               "getZip64Data: block length %u > rest ef_size %u\n", eb_len,
+               ef_len - EB_HEADSIZE));
+             break;
+         }
+-        if (eb_id == EF_PKSZ64) {
+-
++        if (eb_id == EF_PKSZ64)
++        {
+           int offset = EB_HEADSIZE;
+ 
+-          if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){
+-            G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf);
+-            offset += sizeof(G.crec.ucsize);
++          if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL))
++          {
++            if (offset+ 8 > ef_len)
++              return PK_ERR;
++
++            G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf);
++            offset += 8;
+           }
+-          if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){
+-            G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf);
+-            offset += sizeof(G.crec.csize);
++
++          if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL))
++          {
++            if (offset+ 8 > ef_len)
++              return PK_ERR;
++
++            G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf);
++            offset += 8;
+           }
+-          if (G.crec.relative_offset_local_header == 0xffffffff){
++
++          if (G.crec.relative_offset_local_header == Z64FLGL)
++          {
++            if (offset+ 8 > ef_len)
++              return PK_ERR;
++
+             G.crec.relative_offset_local_header = makeint64(offset + ef_buf);
+-            offset += sizeof(G.crec.relative_offset_local_header);
++            offset += 8;
+           }
+-          if (G.crec.disk_number_start == 0xffff){
++
++          if (G.crec.disk_number_start == Z64FLGS)
++          {
++            if (offset+ 4 > ef_len)
++              return PK_ERR;
++
+             G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf);
+-            offset += sizeof(G.crec.disk_number_start);
++            offset += 4;
+           }
++#if 0
++          break;                /* Expect only one EF_PKSZ64 block. */
++#endif /* 0 */
+         }
+ 
+-        /* Skip this extra field block */
++        /* Skip this extra field block. */
+         ef_buf += (eb_len + EB_HEADSIZE);
+         ef_len -= (eb_len + EB_HEADSIZE);
+     }
+--- unzip60/fileio.c	2009-04-20 02:03:44.000000000 +0200
++++ unzip60/fileio.c	2014-12-05 22:44:16.000000000 +0100
+@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr
+ #endif
+ static ZCONST char Far ExtraFieldTooLong[] =
+   "warning:  extra field too long (%d).  Ignoring...\n";
++static ZCONST char Far ExtraFieldCorrupt[] =
++  "warning:  extra field (type: 0x%04x) corrupt.  Continuing...\n";
+ 
+ #ifdef WINDLL
+    static ZCONST char Far DiskFullQuery[] =
+@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option)   /*
+             if (readbuf(__G__ (char *)G.extra_field, length) == 0)
+                 return PK_EOF;
+             /* Looks like here is where extra fields are read */
+-            getZip64Data(__G__ G.extra_field, length);
++            if (getZip64Data(__G__ G.extra_field, length) != PK_COOL)
++            {
++                Info(slide, 0x401, ((char *)slide,
++                 LoadFarString( ExtraFieldCorrupt), EF_PKSZ64));
++                error = PK_WARN;
++            }
+ #ifdef UNICODE_SUPPORT
+             G.unipath_filename = NULL;
+             if (G.UzO.U_flag < 2) {
diff --git a/main/unzip/CVE-2014-9636.patch b/main/unzip/CVE-2014-9636.patch
new file mode 100644
index 0000000000..d4c7f75297
--- /dev/null
+++ b/main/unzip/CVE-2014-9636.patch
@@ -0,0 +1,42 @@
+From 190040ebfcf5395a6ccedede2cc9343d34f0a108 Mon Sep 17 00:00:00 2001
+From: mancha <mancha1 AT zoho DOT com>
+Date: Wed, 11 Feb 2015
+Subject: Info-ZIP UnZip buffer overflow
+
+By carefully crafting a corrupt ZIP archive with "extra fields" that
+purport to have compressed blocks larger than the corresponding
+uncompressed blocks in STORED no-compression mode, an attacker can
+trigger a heap overflow that can result in application crash or
+possibly have other unspecified impact.
+
+This patch ensures that when extra fields use STORED mode, the
+"compressed" and uncompressed block sizes match.
+
+---
+ extract.c |    8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+--- a/extract.c
++++ b/extract.c
+@@ -2217,6 +2217,7 @@ static int test_compr_eb(__G__ eb, eb_si
+     ulg eb_ucsize;
+     uch *eb_ucptr;
+     int r;
++    ush method;
+ 
+     if (compr_offset < 4)                /* field is not compressed: */
+         return PK_OK;                    /* do nothing and signal OK */
+@@ -2226,6 +2227,13 @@ static int test_compr_eb(__G__ eb, eb_si
+          eb_size <= (compr_offset + EB_CMPRHEADLEN)))
+         return IZ_EF_TRUNC;               /* no compressed data! */
+ 
++    method = makeword(eb + (EB_HEADSIZE + compr_offset));
++    if ((method == STORED) &&
++        (eb_size - compr_offset - EB_CMPRHEADLEN != eb_ucsize))
++	return PK_ERR;			  /* compressed & uncompressed
++					   * should match in STORED
++					   * method */
++
+     if (
+ #ifdef INT_16BIT
+         (((ulg)(extent)eb_ucsize) != eb_ucsize) ||
diff --git a/main/unzip/CVE-2014-9913.patch b/main/unzip/CVE-2014-9913.patch
new file mode 100644
index 0000000000..a5675f4fb7
--- /dev/null
+++ b/main/unzip/CVE-2014-9913.patch
@@ -0,0 +1,29 @@
+From: "Steven M. Schweda" <sms@antinode.info>
+Subject: Fix CVE-2014-9913, buffer overflow in unzip
+Bug: https://sourceforge.net/p/infozip/bugs/27/
+Bug-Debian: https://bugs.debian.org/847485
+Bug-Ubuntu: https://launchpad.net/bugs/387350
+X-Debian-version: 6.0-21
+
+--- a/list.c
++++ b/list.c
+@@ -339,7 +339,18 @@
+                 G.crec.compression_method == ENHDEFLATED) {
+                 methbuf[5] = dtype[(G.crec.general_purpose_bit_flag>>1) & 3];
+             } else if (methnum >= NUM_METHODS) {
+-                sprintf(&methbuf[4], "%03u", G.crec.compression_method);
++                /* 2013-02-26 SMS.
++                 * http://sourceforge.net/p/infozip/bugs/27/  CVE-2014-9913.
++                 * Unexpectedly large compression methods overflow
++                 * &methbuf[].  Use the old, three-digit decimal format
++                 * for values which fit.  Otherwise, sacrifice the
++                 * colon, and use four-digit hexadecimal.
++                 */
++                if (G.crec.compression_method <= 999) {
++                    sprintf( &methbuf[ 4], "%03u", G.crec.compression_method);
++                } else {
++                    sprintf( &methbuf[ 3], "%04X", G.crec.compression_method);
++                }
+             }
+ 
+ #if 0       /* GRR/Euro:  add this? */
diff --git a/main/unzip/CVE-2016-9844.patch b/main/unzip/CVE-2016-9844.patch
new file mode 100644
index 0000000000..52d07987b3
--- /dev/null
+++ b/main/unzip/CVE-2016-9844.patch
@@ -0,0 +1,28 @@
+From: "Steven M. Schweda" <sms@antinode.info>
+Subject: Fix CVE-2016-9844, buffer overflow in zipinfo
+Bug-Debian: https://bugs.debian.org/847486
+Bug-Ubuntu: https://launchpad.net/bugs/1643750
+X-Debian-version: 6.0-21
+
+--- a/zipinfo.c
++++ b/zipinfo.c
+@@ -1921,7 +1921,18 @@
+         ush  dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3);
+         methbuf[3] = dtype[dnum];
+     } else if (methnum >= NUM_METHODS) {   /* unknown */
+-        sprintf(&methbuf[1], "%03u", G.crec.compression_method);
++        /* 2016-12-05 SMS.
++         * https://launchpad.net/bugs/1643750
++         * Unexpectedly large compression methods overflow
++         * &methbuf[].  Use the old, three-digit decimal format
++         * for values which fit.  Otherwise, sacrifice the "u",
++         * and use four-digit hexadecimal.
++         */
++        if (G.crec.compression_method <= 999) {
++            sprintf( &methbuf[ 1], "%03u", G.crec.compression_method);
++        } else {
++            sprintf( &methbuf[ 0], "%04X", G.crec.compression_method);
++        }
+     }
+ 
+     for (k = 0;  k < 15;  ++k)
diff --git a/main/unzip/CVE-2018-1000035.patch b/main/unzip/CVE-2018-1000035.patch
new file mode 100644
index 0000000000..8ca713865c
--- /dev/null
+++ b/main/unzip/CVE-2018-1000035.patch
@@ -0,0 +1,34 @@
+--- a/fileio.c	2014-12-05 05:06:05 -0600
++++ b/fileio.c	2017-11-14 01:06:28 -0600
+@@ -1,5 +1,5 @@
+ /*
+-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
++  Copyright (c) 1990-2017 Info-ZIP.  All rights reserved.
+ 
+   See the accompanying file LICENSE, version 2009-Jan-02 or later
+   (the contents of which are also included in unzip.h) for terms of use.
+@@ -1582,6 +1582,8 @@
+     int r = IZ_PW_ENTERED;
+     char *m;
+     char *prompt;
++    char *ep;
++    char *zp;
+ 
+ #ifndef REENTRANT
+     /* tell picky compilers to shut up about "unused variable" warnings */
+@@ -1590,9 +1592,12 @@
+ 
+     if (*rcnt == 0) {           /* First call for current entry */
+         *rcnt = 2;
+-        if ((prompt = (char *)malloc(2*FILNAMSIZ + 15)) != (char *)NULL) {
+-            sprintf(prompt, LoadFarString(PasswPrompt),
+-                    FnFilter1(zfn), FnFilter2(efn));
++        zp = FnFilter1( zfn);
++        ep = FnFilter2( efn);
++        prompt = (char *)malloc(        /* Slightly too long (2* "%s"). */
++         sizeof( PasswPrompt)+ strlen( zp)+ strlen( ep));
++        if (prompt != (char *)NULL) {
++            sprintf(prompt, LoadFarString(PasswPrompt), zp, ep);
+             m = prompt;
+         } else
+             m = (char *)LoadFarString(PasswPrompt2);
diff --git a/main/unzip/fix-CVE-2014-8139.patch b/main/unzip/fix-CVE-2014-8139.patch
new file mode 100644
index 0000000000..2465af0328
--- /dev/null
+++ b/main/unzip/fix-CVE-2014-8139.patch
@@ -0,0 +1,75 @@
+--- a/extract.c
++++ b/extract.c
+@@ -1,5 +1,5 @@
+ /*
+-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
++  Copyright (c) 1990-2014 Info-ZIP.  All rights reserved.
+
+   See the accompanying file LICENSE, version 2009-Jan-02 or later
+   (the contents of which are also included in unzip.h) for terms of use.
+@@ -298,6 +298,8 @@
+ #ifndef SFX
+    static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
+      EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
++   static ZCONST char Far TooSmallEBlength[] = "bad extra-field entry:\n \
++     EF block length (%u bytes) invalid (< %d)\n";
+    static ZCONST char Far InvalidComprDataEAs[] =
+      " invalid compressed data for EAs\n";
+ #  if (defined(WIN32) && defined(NTSD_EAS))
+@@ -2032,7 +2034,8 @@
+         ebID = makeword(ef);
+         ebLen = (unsigned)makeword(ef+EB_LEN);
+
+-        if (ebLen > (ef_len - EB_HEADSIZE)) {
++        if (ebLen > (ef_len - EB_HEADSIZE))
++        {
+            /* Discovered some extra field inconsistency! */
+             if (uO.qflag)
+                 Info(slide, 1, ((char *)slide, "%-22s ",
+@@ -2167,11 +2170,29 @@
+                 }
+                 break;
+             case EF_PKVMS:
+-                if (makelong(ef+EB_HEADSIZE) !=
+-                    crc32(CRCVAL_INITIAL, ef+(EB_HEADSIZE+4),
+-                          (extent)(ebLen-4)))
+-                    Info(slide, 1, ((char *)slide,
+-                      LoadFarString(BadCRC_EAs)));
++                /* 2015-01-30 SMS.  Added sufficient-bytes test/message
++                 * here.  (Removed defective ebLen test above.)
++                 *
++                 * If sufficient bytes (EB_PKVMS_MINLEN) are available,
++                 * then compare the stored CRC value with the calculated
++                 * CRC for the remainder of the data (and complain about
++                 * a mismatch).
++                 */
++                if (ebLen < EB_PKVMS_MINLEN)
++                {
++                    /* Insufficient bytes available. */
++                    Info( slide, 1,
++                     ((char *)slide, LoadFarString( TooSmallEBlength),
++                     ebLen, EB_PKVMS_MINLEN));
++                }
++                else if (makelong(ef+ EB_HEADSIZE) !=
++                 crc32(CRCVAL_INITIAL,
++                 (ef+ EB_HEADSIZE+ EB_PKVMS_MINLEN),
++                 (extent)(ebLen- EB_PKVMS_MINLEN)))
++                {
++                     Info(slide, 1, ((char *)slide,
++                       LoadFarString(BadCRC_EAs)));
++                }
+                 break;
+             case EF_PKW32:
+             case EF_PKUNIX:
+--- a/unzpriv.h
++++ b/unzpriv.h
+@@ -1806,6 +1806,8 @@
+ #define EB_NTSD_VERSION   4    /* offset of NTSD version byte */
+ #define EB_NTSD_MAX_VER   (0)  /* maximum version # we know how to handle */
+
++#define EB_PKVMS_MINLEN   4    /* minimum data length of PKVMS extra block */
++
+ #define EB_ASI_CRC32      0    /* offset of ASI Unix field's crc32 checksum */
+ #define EB_ASI_MODE       4    /* offset of ASI Unix permission mode field */
+
+
author	Natanael Copa <ncopa@alpinelinux.org>	2018-08-20 12:24:29 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2018-08-22 10:37:44 +0200
commit	1a9d4e34862869cd3a82d1ce5c75be04b144229a (patch)
tree	e7d4181a1a0ba8cc679b40d059d0f9fd9850c606 /main/unzip
parent	d510fa929a7f6ede654295930273de33fd0e9b15 (diff)
download	aports-1a9d4e34862869cd3a82d1ce5c75be04b144229a.tar.bz2 aports-1a9d4e34862869cd3a82d1ce5c75be04b144229a.tar.xz