Fix FS#46955 and update patchset

author: sl1pkn07 2015-11-03 16:30:48 +0100
committer: sl1pkn07 2015-11-03 16:33:42 +0100
commit: d1e584e41563a5ac0949fa2d3333603ea73b252b (patch)
tree: ff90d4ee6c94fb1fc34ffa856c87cd27089c63a4 /CVE-2014-9636_pt1.patch
parent: 16303db219bcd331538bb31b4101004a8e75e3b2 (diff)
download: aur-d1e584e41563a5ac0949fa2d3333603ea73b252b.tar.gz
1 files changed, 25 insertions, 0 deletions
diff --git a/CVE-2014-9636_pt1.patch b/CVE-2014-9636_pt1.patch
new file mode 100644
index 000000000000..228c28377ff9
--- /dev/null
+++ b/CVE-2014-9636_pt1.patch
@@ -0,0 +1,25 @@
+diff --git a/extract.c b/extract.c
+index a0a4929..9ef80b3 100644
+--- a/extract.c
++++ b/extract.c
+@@ -2214,6 +2214,7 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata)
+     ulg eb_ucsize;
+     uch *eb_ucptr;
+     int r;
++    ush method;
+ 
+     if (compr_offset < 4)                /* field is not compressed: */
+         return PK_OK;                    /* do nothing and signal OK */
+@@ -2223,6 +2224,12 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata)
+          eb_size <= (compr_offset + EB_CMPRHEADLEN)))
+         return IZ_EF_TRUNC;               /* no compressed data! */
+ 
++    method = makeword(eb + (EB_HEADSIZE + compr_offset));
++    if ((method == STORED) && (eb_size != compr_offset + EB_CMPRHEADLEN + eb_ucsize))
++        return PK_ERR;            /* compressed & uncompressed
++                                   * should match in STORED
++                                   * method */
++
+     if (
+ #ifdef INT_16BIT
+         (((ulg)(extent)eb_ucsize) != eb_ucsize) ||
author	sl1pkn07	2015-11-03 16:30:48 +0100
committer	sl1pkn07	2015-11-03 16:33:42 +0100
commit	d1e584e41563a5ac0949fa2d3333603ea73b252b (patch)
tree	ff90d4ee6c94fb1fc34ffa856c87cd27089c63a4 /CVE-2014-9636_pt1.patch
parent	16303db219bcd331538bb31b4101004a8e75e3b2 (diff)
download	aur-d1e584e41563a5ac0949fa2d3333603ea73b252b.tar.gz