diff options
author | sl1pkn07 | 2015-11-03 16:30:48 +0100 |
---|---|---|
committer | sl1pkn07 | 2015-11-03 16:33:42 +0100 |
commit | d1e584e41563a5ac0949fa2d3333603ea73b252b (patch) | |
tree | ff90d4ee6c94fb1fc34ffa856c87cd27089c63a4 /CVE-2014-9636_pt1.patch | |
parent | 16303db219bcd331538bb31b4101004a8e75e3b2 (diff) | |
download | aur-d1e584e41563a5ac0949fa2d3333603ea73b252b.tar.gz |
Fix FS#46955 and update patchset
Diffstat (limited to 'CVE-2014-9636_pt1.patch')
-rw-r--r-- | CVE-2014-9636_pt1.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/CVE-2014-9636_pt1.patch b/CVE-2014-9636_pt1.patch new file mode 100644 index 000000000000..228c28377ff9 --- /dev/null +++ b/CVE-2014-9636_pt1.patch @@ -0,0 +1,25 @@ +diff --git a/extract.c b/extract.c +index a0a4929..9ef80b3 100644 +--- a/extract.c ++++ b/extract.c +@@ -2214,6 +2214,7 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata) + ulg eb_ucsize; + uch *eb_ucptr; + int r; ++ ush method; + + if (compr_offset < 4) /* field is not compressed: */ + return PK_OK; /* do nothing and signal OK */ +@@ -2223,6 +2224,12 @@ static int test_compr_eb(__G__ eb, eb_size, compr_offset, test_uc_ebdata) + eb_size <= (compr_offset + EB_CMPRHEADLEN))) + return IZ_EF_TRUNC; /* no compressed data! */ + ++ method = makeword(eb + (EB_HEADSIZE + compr_offset)); ++ if ((method == STORED) && (eb_size != compr_offset + EB_CMPRHEADLEN + eb_ucsize)) ++ return PK_ERR; /* compressed & uncompressed ++ * should match in STORED ++ * method */ ++ + if ( + #ifdef INT_16BIT + (((ulg)(extent)eb_ucsize) != eb_ucsize) || |