diff options
Diffstat (limited to 'unzip-6.0_CVE-2021-4217.patch')
| -rw-r--r-- | unzip-6.0_CVE-2021-4217.patch | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/unzip-6.0_CVE-2021-4217.patch b/unzip-6.0_CVE-2021-4217.patch new file mode 100644 index 000000000000..37b83cca0575 --- /dev/null +++ b/unzip-6.0_CVE-2021-4217.patch @@ -0,0 +1,19 @@ +diff --git a/process.c b/process.c +index d2a846e..cba2463 100644 +--- a/process.c ++++ b/process.c +@@ -2064,10 +2064,14 @@ int getUnicodeData(__G__ ef_buf, ef_len) + G.unipath_checksum = makelong(offset + ef_buf); + offset += 4; + ++ if (!G.filename_full) { ++ /* Check if we have a unicode extra section but no filename set */ ++ return PK_ERR; ++ } ++ + /* + * Compute 32-bit crc + */ +- + chksum = crc32(chksum, (uch *)(G.filename_full), + strlen(G.filename_full)); |