Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 455550 Details for
Bug 602048
<app-arch/unzip-6.0_p21-r2: buffer overflow in ZipInfo (CVE-2016-9844)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch constrcuted according to the discussion on oss-security
cve-2016-9844.patch (text/plain), 618 bytes, created by
Ian Zimmerman
on 2016-12-08 23:43:49 UTC
(
hide
)
Description:
patch constrcuted according to the discussion on oss-security
Filename:
MIME Type:
Creator:
Ian Zimmerman
Created:
2016-12-08 23:43:49 UTC
Size:
618 bytes
patch
obsolete
>--- zipinfo.c.orig 2016-12-08 12:51:39.445092174 -0800 >+++ zipinfo.c 2016-12-08 12:53:38.040626733 -0800 >@@ -1921,7 +1921,11 @@ > ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3); > methbuf[3] = dtype[dnum]; > } else if (methnum >= NUM_METHODS) { /* unknown */ >- sprintf(&methbuf[1], "%03u", G.crec.compression_method); >+ if (G.crec.compression_method <= 999) { >+ sprintf( &methbuf[ 1], "%03u", G.crec.compression_method); >+ } else { >+ sprintf( &methbuf[ 0], "%04X", G.crec.compression_method); >+ } > } > > for (k = 0; k < 15; ++k)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=455550">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 602048
: 455550
