diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch')
-rw-r--r-- | app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch b/app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch new file mode 100644 index 000000000000..f52af83ac2ca --- /dev/null +++ b/app-arch/unarj/files/unarj-2.65-CAN-2004-0947.patch @@ -0,0 +1,49 @@ +Index: unarj-2.65/unarj.c +=================================================================== +--- unarj-2.65.orig/unarj.c ++++ unarj-2.65/unarj.c +@@ -217,7 +217,7 @@ static uchar arj_flags; + static short method; + static uint file_mode; + static ulong time_stamp; +-static short entry_pos; ++static ushort entry_pos; + static ushort host_data; + static uchar *get_ptr; + static UCRC file_crc; +@@ -608,6 +608,7 @@ char *name; + error(M_BADHEADR, ""); + + crc = CRC_MASK; ++ memset(header, 0, sizeof(header)); + fread_crc(header, (int) headersize, fd); + header_crc = fget_crc(fd); + if ((crc ^ CRC_MASK) != header_crc) +@@ -632,9 +633,13 @@ char *name; + + if (origsize < 0 || compsize < 0) + error(M_HEADRCRC, ""); ++ if(first_hdr_size > headersize-2) /* need two \0 for file and comment */ ++ error(M_BADHEADR, ""); + + hdr_filename = (char *)&header[first_hdr_size]; + strncopy(filename, hdr_filename, sizeof(filename)); ++ if(entry_pos >= strlen(filename)) ++ error(M_BADHEADR, ""); + if (host_os != OS) + strparity((uchar *)filename); + if ((arj_flags & PATHSYM_FLAG) != 0) +@@ -733,11 +738,11 @@ extract() + + no_output = 0; + if (command == 'E') +- strcpy(name, &filename[entry_pos]); ++ strncopy(name, &filename[entry_pos], sizeof(name)); + else + { + strcpy(name, DEFAULT_DIR); +- strcat(name, filename); ++ strncopy(name+strlen(name), filename, sizeof(name)-strlen(name)); + } + + if (host_os != OS) |