29 lines
1021 B
Diff
29 lines
1021 B
Diff
From: Enrico Zini <enrico@debian.org>
|
|
Subject: Fix null pointer dereference on invalid UTF-8 input
|
|
Bug-Debian: https://bugs.debian.org/1010355
|
|
X-Debian-version: 6.0-27
|
|
|
|
--- unzip-6.0.orig/fileio.c
|
|
+++ unzip-6.0/fileio.c
|
|
@@ -2364,6 +2364,9 @@ int do_string(__G__ length, option) /*
|
|
/* convert UTF-8 to local character set */
|
|
fn = utf8_to_local_string(G.unipath_filename,
|
|
G.unicode_escape_all);
|
|
+ if (fn == NULL)
|
|
+ return PK_ERR;
|
|
+
|
|
/* make sure filename is short enough */
|
|
if (strlen(fn) >= FILNAMSIZ) {
|
|
fn[FILNAMSIZ - 1] = '\0';
|
|
--- unzip-6.0.orig/process.c
|
|
+++ unzip-6.0/process.c
|
|
@@ -2615,6 +2615,8 @@ char *utf8_to_local_string(utf8_string,
|
|
int escape_all;
|
|
{
|
|
zwchar *wide = utf8_to_wide_string(utf8_string);
|
|
+ if (wide == NULL)
|
|
+ return NULL;
|
|
char *loc = wide_to_local_string(wide, escape_all);
|
|
free(wide);
|
|
return loc;
|