diff options
author | Pierre Bourdon <delroth@gmail.com> | 2019-02-17 05:33:44 +0100 |
---|---|---|
committer | Pierre Bourdon <delroth@gmail.com> | 2019-02-17 05:55:30 +0100 |
commit | 705167a5dceb53befd22f4e6184bbfba0813b73d (patch) | |
tree | 8083f894b28656627f3e2988ff038ffc0cd0bb25 /pkgs/tools | |
parent | 27ed56ce1d3108f49fc02590d6d819b9f3eef5cc (diff) | |
download | nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar.gz nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar.bz2 nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar.lz nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar.xz nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.tar.zst nixlib-705167a5dceb53befd22f4e6184bbfba0813b73d.zip |
unzip: patch CVE-2018-18384
Patch from https://sourceforge.net/p/infozip/bugs/53/
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/archivers/unzip/CVE-2018-18384.patch | 35 | ||||
-rw-r--r-- | pkgs/tools/archivers/unzip/default.nix | 1 |
2 files changed, 36 insertions, 0 deletions
diff --git a/pkgs/tools/archivers/unzip/CVE-2018-18384.patch b/pkgs/tools/archivers/unzip/CVE-2018-18384.patch new file mode 100644 index 000000000000..e9320e125cf6 --- /dev/null +++ b/pkgs/tools/archivers/unzip/CVE-2018-18384.patch @@ -0,0 +1,35 @@ +--- unzip60/list.c ++++ unzip60/list.c +@@ -97,7 +97,7 @@ int list_files(__G) /* return PK-type + { + int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL; + #ifndef WINDLL +- char sgn, cfactorstr[10]; ++ char sgn, cfactorstr[1+10+1+1]; /* <sgn><int>%NUL */ + int longhdr=(uO.vflag>1); + #endif + int date_format; +@@ -389,9 +389,9 @@ int list_files(__G) /* return PK-type + } + #else /* !WINDLL */ + if (cfactor == 100) +- sprintf(cfactorstr, LoadFarString(CompFactor100)); ++ snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100)); + else +- sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor); ++ snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor); + if (longhdr) + Info(slide, 0, ((char *)slide, LoadFarString(LongHdrStats), + FmZofft(G.crec.ucsize, "8", "u"), methbuf, +@@ -471,9 +471,9 @@ int list_files(__G) /* return PK-type + + #else /* !WINDLL */ + if (cfactor == 100) +- sprintf(cfactorstr, LoadFarString(CompFactor100)); ++ snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100)); + else +- sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor); ++ snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor); + if (longhdr) { + Info(slide, 0, ((char *)slide, LoadFarString(LongFileTrailer), + FmZofft(tot_ucsize, "8", "u"), FmZofft(tot_csize, "8", "u"), diff --git a/pkgs/tools/archivers/unzip/default.nix b/pkgs/tools/archivers/unzip/default.nix index 7c4bb988b629..cdf189e82df5 100644 --- a/pkgs/tools/archivers/unzip/default.nix +++ b/pkgs/tools/archivers/unzip/default.nix @@ -24,6 +24,7 @@ stdenv.mkDerivation { ./CVE-2015-7697.diff ./CVE-2014-9913.patch ./CVE-2016-9844.patch + ./CVE-2018-18384.patch ./dont-hardcode-cc.patch ] ++ stdenv.lib.optional enableNLS (fetchurl { |