Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
zziplib.4426
zziplib-CVE-2017-5975.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File zziplib-CVE-2017-5975.patch of Package zziplib.4426
Index: zziplib-0.13.62/zzip/memdisk.c =================================================================== --- zziplib-0.13.62.orig/zzip/memdisk.c +++ zziplib-0.13.62/zzip/memdisk.c @@ -173,6 +173,8 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI return 0; /* errno=ENOMEM; */ ___ struct zzip_file_header *header = zzip_disk_entry_to_file_header(disk, entry); + if (!header) + { free(item); return 0; } /* there is a number of duplicated information in the file header * or the disk entry block. Theoretically some part may be missing * that exists in the other, ... but we will prefer the disk entry. Index: zziplib-0.13.62/zzip/mmapped.c =================================================================== --- zziplib-0.13.62.orig/zzip/mmapped.c +++ zziplib-0.13.62/zzip/mmapped.c @@ -289,6 +289,8 @@ zzip_disk_entry_to_file_header(ZZIP_DISK (disk->buffer + zzip_disk_entry_fileoffset(entry)); if (disk->buffer > file_header || file_header >= disk->endbuf) return 0; + if (ZZIP_GET32(file_header) != ZZIP_FILE_HEADER_MAGIC) + return 0; return (struct zzip_file_header *) file_header; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor