diff options
| author | tron <tron@pkgsrc.org> | 2005-08-04 14:20:35 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2005-08-04 14:20:35 +0000 |
| commit | 06513d9e1533e41a22ccba45430d50e6383bc935 (patch) | |
| tree | bd3d223b4596c763ab74b5f8071c05573aa7ad28 /archivers/unzip/patches | |
| parent | ff402e1a7ef1622f76bb4ba086e2a78f5459bc87 (diff) | |
| download | pkgsrc-06513d9e1533e41a22ccba45430d50e6383bc935.tar.gz | |
Add patch to fix the security problem described in SA16309.
Diffstat (limited to 'archivers/unzip/patches')
| -rw-r--r-- | archivers/unzip/patches/patch-ac | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/archivers/unzip/patches/patch-ac b/archivers/unzip/patches/patch-ac new file mode 100644 index 00000000000..062be0cbd3e --- /dev/null +++ b/archivers/unzip/patches/patch-ac @@ -0,0 +1,64 @@ +$NetBSD: patch-ac,v 1.1 2005/08/04 14:20:35 tron Exp $ + +--- unix/unix.c.orig 2005-02-26 19:43:42.000000000 +0000 ++++ unix/unix.c 2005-08-04 15:15:17.000000000 +0100 +@@ -1042,8 +1042,6 @@ + ush z_uidgid[2]; + int have_uidgid_flg; + +- fclose(G.outfile); +- + /*--------------------------------------------------------------------------- + If symbolic links are supported, allocate storage for a symlink control + structure, put the uncompressed "data" and other required info in it, and +@@ -1059,6 +1057,8 @@ + strlen(G.filename); + slinkentry *slnk_entry; + ++ fclose(G.outfile); ++ + if ((unsigned)slnk_entrysize < ucsize) { + Info(slide, 0x201, ((char *)slide, + "warning: symbolic link (%s) failed: mem alloc overflow\n", +@@ -1107,6 +1107,11 @@ + } + #endif /* SYMLINKS */ + ++#ifndef NO_CHMOD ++ if (fchmod(fileno(G.outfile), filtattr(__G__ G.pInfo->file_attr))) ++ perror("chmod (file attributes) error"); ++#endif ++ + #ifdef QLZIP + if (G.extra_field) { + static void qlfix OF((__GPRO__ uch *ef_ptr, unsigned ef_len)); +@@ -1120,7 +1125,7 @@ + /* if -X option was specified and we have UID/GID info, restore it */ + if (have_uidgid_flg) { + TTrace((stderr, "close_outfile: restoring Unix UID/GID info\n")); +- if (chown(G.filename, (uid_t)z_uidgid[0], (gid_t)z_uidgid[1])) ++ if (fchown(fileno(G.outfile), (uid_t)z_uidgid[0], (gid_t)z_uidgid[1])) + { + if (uO.qflag) + Info(slide, 0x201, ((char *)slide, +@@ -1133,6 +1138,8 @@ + } + } + ++ fclose(G.outfile); ++ + /* set the file's access and modification times */ + if (utime(G.filename, &(zt.t2))) { + #ifdef AOS_VS +@@ -1156,11 +1163,6 @@ + zipfile. + ---------------------------------------------------------------------------*/ + +-#ifndef NO_CHMOD +- if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr))) +- perror("chmod (file attributes) error"); +-#endif +- + } /* end function close_outfile() */ + + #endif /* !MTS */ |