void-packages/srcpkgs/lrzip/patches/CVE-2018-5650.patch

25 lines
730 B
Diff
Raw Normal View History

From 50cfb3b9f68c7458822795e8b87a07dc06b39816 Mon Sep 17 00:00:00 2001
From: Con Kolivas <kernel@kolivas.org>
Date: Wed, 16 May 2018 19:26:15 +1000
Subject: [PATCH] Prevent infinite loop from crafted/corrupt archive in
unzip_match.
---
runzip.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/runzip.c b/runzip.c
index 667ae05..44e886d 100644
--- a/runzip.c
+++ b/runzip.c
@@ -219,6 +219,8 @@ static i64 unzip_match(rzip_control *control, void *ss, i64 len, uint32 *cksum,
while (len) {
n = MIN(len, offset);
+ if (unlikely(n < 1))
+ fatal_return(("Failed fd history in unzip_match due to corrupt archive\n"), -1);
if (unlikely(read_fdhist(control, off_buf, (size_t)n) != (ssize_t)n)) {
dealloc(buf);