[unzip/f20] fixed reading of unitialized input (valgrind) and -X works now
pstodulk
pstodulk at fedoraproject.org
Thu Nov 27 13:44:58 UTC 2014
commit f4b90065875966fdabe668f7c82c5289e472fbdc
Author: Petr Stodulka <pstodulk at redhat.com>
Date: Thu Nov 27 14:44:20 2014 +0100
fixed reading of unitialized input (valgrind) and -X works now
unzip-6.0-valgrind.patch | 26 ++++++++++++++++++++++++++
unzip-6.0-x-option.patch | 28 ++++++++++++++++++++++++++++
unzip.spec | 17 +++++++++++++++--
3 files changed, 69 insertions(+), 2 deletions(-)
---
diff --git a/unzip-6.0-valgrind.patch b/unzip-6.0-valgrind.patch
new file mode 100644
index 0000000..41a7520
--- /dev/null
+++ b/unzip-6.0-valgrind.patch
@@ -0,0 +1,26 @@
+diff --git a/fileio.c b/fileio.c
+index ba0a1d0..03fc4be 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -2006,6 +2006,7 @@ int do_string(__G__ length, option) /* return PK-type error code */
+ unsigned comment_bytes_left;
+ unsigned int block_len;
+ int error=PK_OK;
++ unsigned int length2;
+ #ifdef AMIGA
+ char tmp_fnote[2 * AMIGA_FILENOTELEN]; /* extra room for squozen chars */
+ #endif
+@@ -2292,8 +2293,12 @@ int do_string(__G__ length, option) /* return PK-type error code */
+ seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes +
+ (G.inptr-G.inbuf) + length);
+ } else {
+- if (readbuf(__G__ (char *)G.extra_field, length) == 0)
++ if ((length2 = readbuf(__G__ (char *)G.extra_field, length)) == 0)
+ return PK_EOF;
++ if(length2 < length) {
++ memset (__G__ (char *)G.extra_field+length2, 0 , length-length2);
++ length = length2;
++ }
+ /* Looks like here is where extra fields are read */
+ getZip64Data(__G__ G.extra_field, length);
+ #ifdef UNICODE_SUPPORT
diff --git a/unzip-6.0-x-option.patch b/unzip-6.0-x-option.patch
new file mode 100644
index 0000000..72c77ae
--- /dev/null
+++ b/unzip-6.0-x-option.patch
@@ -0,0 +1,28 @@
+--- ./process.c.orig 2009-03-06 02:25:10.000000000 +0100
++++ ./process.c 2013-09-12 10:51:16.000000000 +0200
+@@ -2901,9 +2901,9 @@
+ */
+
+ #ifdef IZ_HAVE_UXUIDGID
+- if (eb_len >= EB_UX3_MINLEN
+- && z_uidgid != NULL
+- && (*((EB_HEADSIZE + 0) + ef_buf) == 1)
++ if ((eb_len >= EB_UX3_MINLEN)
++ && (z_uidgid != NULL)
++ && ((*((EB_HEADSIZE + 0) + ef_buf) == 1)))
+ /* only know about version 1 */
+ {
+ uch uid_size;
+@@ -2915,10 +2915,10 @@
+ flags &= ~0x0ff; /* ignore any previous UNIX field */
+
+ if ( read_ux3_value((EB_HEADSIZE + 2) + ef_buf,
+- uid_size, z_uidgid[0])
++ uid_size, &z_uidgid[0])
+ &&
+ read_ux3_value((EB_HEADSIZE + uid_size + 3) + ef_buf,
+- gid_size, z_uidgid[1]) )
++ gid_size, &z_uidgid[1]) )
+ {
+ flags |= EB_UX2_VALID; /* signal success */
+ }
diff --git a/unzip.spec b/unzip.spec
index 707e50b..a72e2fb 100644
--- a/unzip.spec
+++ b/unzip.spec
@@ -1,7 +1,7 @@
Summary: A utility for unpacking zip files
Name: unzip
Version: 6.0
-Release: 13%{?dist}
+Release: 14%{?dist}
License: BSD
Group: Applications/Archiving
Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@@ -24,6 +24,8 @@ Patch6: unzip-6.0-manpage-fix.patch
Patch7: unzip-6.0-fix-recmatch.patch
# Update process.c
Patch8: unzip-6.0-symlink.patch
+Patch9: unzip-6.0-valgrind.patch
+Patch10: unzip-6.0-x-option.patch
URL: http://www.info-zip.org/UnZip.html
BuildRequires: bzip2-devel
@@ -48,9 +50,14 @@ a zip archive.
%patch6 -p1 -b .manpage-fix
%patch7 -p1 -b .recmatch
%patch8 -p1 -b .symlink
+%patch9 -p1 -b .valgrind
+%patch10 -p1 -b .x-option
%build
-make -f unix/Makefile CF_NOOPT="-I. -DUNIX -DNOMEMCPY $RPM_OPT_FLAGS" generic_gcc %{?_smp_mflags}
+# IZ_HAVE_UXUIDGID is needed for right functionality of unzip -X
+# NOMEMCPY solve problem with memory overlapping - decomression is slowly,
+# but successfull.
+make -f unix/Makefile CF_NOOPT="-I. -DUNIX -DNOMEMCPY -DIZ_HAVE_UXUIDGID $RPM_OPT_FLAGS" generic_gcc %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT
@@ -63,6 +70,12 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
%{_mandir}/*/*
%changelog
+* Thu Nov 27 2014 Petr Stodulka <pstodulk at redhat.com> - 6.0-14
+- Fix unitialized reads (#558738)
+- Fix fix broken -X option - never worked before. Added -DIZ_HAVE_UXUIDGID
+ option for compilation.
+ (#935202)
+
* Thu Nov 06 2014 Petr Stodulka <pstodulk at redhat.com> - 6.0-13
- Fix producing of incorrect output due to memcpy overlapping
by added option -D NOMEMCPY to compile section.
More information about the scm-commits
mailing list