[unzip/f19] - fix unitialized reads (#558738)

pstodulk pstodulk at fedoraproject.org
Thu Nov 27 13:42:15 UTC 2014


commit c64c31d061d39fb56325c4f073bd6bd65e9a58d1
Author: Petr Stodulka <pstodulk at redhat.com>
Date:   Thu Nov 20 13:35:36 2014 +0100

    - fix unitialized reads (#558738)

 unzip-6.0-valgrind.patch |   26 ++++++++++++++++++++++++++
 unzip.spec               |    7 ++++++-
 2 files changed, 32 insertions(+), 1 deletions(-)
---
diff --git a/unzip-6.0-valgrind.patch b/unzip-6.0-valgrind.patch
new file mode 100644
index 0000000..41a7520
--- /dev/null
+++ b/unzip-6.0-valgrind.patch
@@ -0,0 +1,26 @@
+diff --git a/fileio.c b/fileio.c
+index ba0a1d0..03fc4be 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -2006,6 +2006,7 @@ int do_string(__G__ length, option)   /* return PK-type error code */
+     unsigned comment_bytes_left;
+     unsigned int block_len;
+     int error=PK_OK;
++    unsigned int length2;
+ #ifdef AMIGA
+     char tmp_fnote[2 * AMIGA_FILENOTELEN];   /* extra room for squozen chars */
+ #endif
+@@ -2292,8 +2293,12 @@ int do_string(__G__ length, option)   /* return PK-type error code */
+             seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes +
+                       (G.inptr-G.inbuf) + length);
+         } else {
+-            if (readbuf(__G__ (char *)G.extra_field, length) == 0)
++            if ((length2 = readbuf(__G__ (char *)G.extra_field, length)) == 0)
+                 return PK_EOF;
++            if(length2 < length) {
++              memset (__G__ (char *)G.extra_field+length2, 0 , length-length2);
++              length = length2;
++            }
+             /* Looks like here is where extra fields are read */
+             getZip64Data(__G__ G.extra_field, length);
+ #ifdef UNICODE_SUPPORT
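Review bot: The added `memset` call in the second fileio.c hunk carries the `__G__` prefix, which the neighbouring calls (`readbuf`, `seek_zipf`, `getZip64Data`) use to pass Info-ZIP's globals argument. `memset` is a libc function and takes no such argument, so in any configuration where `__G__` expands to a real parameter (presumably the reentrant build) the call would get an extra argument and should fail to compile. It should read `memset((char *)G.extra_field + length2, 0, length - length2);`. Separately, a short read here means the archive ended inside the extra field, yet processing continues as if the entry were well formed: shrinking the local `length` only protects `getZip64Data`, and any later consumer that takes the field size from the header record would still walk the zero-filled tail, so a warning or an error return for the truncated field is worth considering. `do_string` starts and ends outside these hunks, so how the rest of the function uses `length` and `G.extra_field` cannot be confirmed from here.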
diff --git a/unzip.spec b/unzip.spec
index ddd5f2b..9f06f5c 100644
--- a/unzip.spec
+++ b/unzip.spec
@@ -1,7 +1,7 @@
 Summary: A utility for unpacking zip files
 Name: unzip
 Version: 6.0
-Release: 12%{?dist}
+Release: 13%{?dist}
 License: BSD
 Group: Applications/Archiving
 Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@@ -24,6 +24,7 @@ Patch6: unzip-6.0-manpage-fix.patch
 Patch7: unzip-6.0-fix-recmatch.patch
 # Update process.c
 Patch8: unzip-6.0-symlink.patch
+Patch9: unzip-6.0-valgrind.patch
 URL: http://www.info-zip.org/UnZip.html
 BuildRequires:  bzip2-devel
 
@@ -48,6 +49,7 @@ a zip archive.
 %patch6 -p1 -b .manpage-fix
 %patch7 -p1 -b .recmatch
 %patch8 -p1 -b .symlink
+%patch9 -p1 -b .valgrind
 
 %build
 make -f unix/Makefile CF_NOOPT="-I. -DUNIX -DNOMEMCPY $RPM_OPT_FLAGS" generic_gcc %{?_smp_mflags}
@@ -63,6 +65,9 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
 %{_mandir}/*/*
 
 %changelog
+* Thu Nov 20 2014 Petr Stodulka <pstodulk at redhat.com> - 6.0-13
+- Fix unitialized reads in unzip (#558738).
+
 * Thu Nov 06 2014 Petr Stodulka <pstodulk at redhat.com> - 6.0-12
 - Fix producing of incorrect output due to memcpy overlapping
   by added option -D NOMEMCPY to compile section.

