diff options
| author | tron <tron@pkgsrc.org> | 2008-03-23 13:03:13 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2008-03-23 13:03:13 +0000 |
| commit | c866b6ed5bb253c321249fe413f29a453e7bf00c (patch) | |
| tree | a53ab30178cb2c1d4a32244989ea161abf4de879 /archivers | |
| parent | caf830be30c297323cbc5bbbccb14ce1024c7f8f (diff) | |
| download | pkgsrc-c866b6ed5bb253c321249fe413f29a453e7bf00c.tar.gz | |
Add fix for the security vulnerability reported in CVE-2008-0888 taken
from Debian. Bump package revision.
Diffstat (limited to 'archivers')
| -rw-r--r-- | archivers/unzip/distinfo | 3 | ||||
| -rw-r--r-- | archivers/unzip/patches/patch-ae | 52 |
2 files changed, 54 insertions, 1 deletions
diff --git a/archivers/unzip/distinfo b/archivers/unzip/distinfo index 5cafd1d78e3..34e52075a2b 100644 --- a/archivers/unzip/distinfo +++ b/archivers/unzip/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2007/06/05 05:54:51 wiz Exp $ +$NetBSD: distinfo,v 1.18 2008/03/23 13:03:13 tron Exp $ SHA1 (unzip-5.52/unzip552.tgz) = 1831bd59b9e607a69052f83b263384895e2d4a19 RMD160 (unzip-5.52/unzip552.tgz) = b749b0923bc4cceaa6f937aef688e9713a84328c @@ -7,3 +7,4 @@ SHA1 (patch-aa) = de66b7b5c45904167e8596ce5235d957c2df4d2a SHA1 (patch-ab) = dd426fdf4b774bd73f4ee46da470ffa3c2cf6513 SHA1 (patch-ac) = ada9059d9b3384396bbf6437f55fa40f2f6c0c73 SHA1 (patch-ad) = a0ad66bc1f13dd1ec9f9d7c9eb5b49ca3edb09be +SHA1 (patch-ae) = b6f50523a0020b57e3385731dd0c7b447b1a9242 diff --git a/archivers/unzip/patches/patch-ae b/archivers/unzip/patches/patch-ae new file mode 100644 index 00000000000..42d7502fe36 --- /dev/null +++ b/archivers/unzip/patches/patch-ae @@ -0,0 +1,52 @@ +$NetBSD: patch-ae,v 1.1 2008/03/23 13:03:13 tron Exp $ + +--- inflate.c.orig 2005-02-27 06:08:46.000000000 +0000 ++++ inflate.c 2008-03-23 12:58:42.000000000 +0000 +@@ -983,6 +983,7 @@ + unsigned l; /* last length */ + unsigned m; /* mask for bit lengths table */ + unsigned n; /* number of lengths to get */ ++ struct huft *tlp; + struct huft *tl; /* literal/length code table */ + struct huft *td; /* distance code table */ + unsigned bl; /* lookup bits for tl */ +@@ -996,6 +997,8 @@ + int retval = 0; /* error code returned: initialized to "no error" */ + + ++ td = tlp = tl = (struct huft *)NULL; ++ + /* make local bit buffer */ + Trace((stderr, "\ndynamic block")); + b = G.bb; +@@ -1047,9 +1050,9 @@ + while (i < n) + { + NEEDBITS(bl) +- j = (td = tl + ((unsigned)b & m))->b; ++ j = (tlp = tl + ((unsigned)b & m))->b; + DUMPBITS(j) +- j = td->v.n; ++ j = tlp->v.n; + if (j < 16) /* length of code in bits (0..15) */ + ll[i++] = l = j; /* save last length in l */ + else if (j == 16) /* repeat last length 3 to 6 times */ +@@ -1141,6 +1144,7 @@ + huft_free(td); + } + huft_free(tl); ++ + return retval; + } + +@@ -1149,8 +1153,8 @@ + + cleanup_and_exit: + /* free the decoding tables, return */ +- huft_free(tl); +- huft_free(td); ++ if (tl) huft_free(tl); ++ if (td) huft_free(td); + return retval; + } + |