Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
unzip
CVE-2015-7697.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2015-7697.patch of Package unzip
From: Kamil Dudka <kdudka@redhat.com> Date: Mon, 14 Sep 2015 18:24:56 +0200 Subject: fix infinite loop when extracting empty bzip2 data Bug-Debian: https://bugs.debian.org/802160 Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944 Origin: other, https://bugzilla.redhat.com/attachment.cgi?id=1073339 --- extract.c | 6 ++++++ 1 file changed, 6 insertions(+) Index: unzip60/extract.c =================================================================== --- unzip60.orig/extract.c +++ unzip60/extract.c @@ -2728,6 +2728,12 @@ __GDEF int repeated_buf_err; bz_stream bstrm; + if (G.incnt <= 0 && G.csize <= 0L) { + /* avoid an infinite loop */ + Trace((stderr, "UZbunzip2() got empty input\n")); + return 2; + } + #if (defined(DLL) && !defined(NO_SLIDE_REDIR)) if (G.redirect_slide) wsize = G.redirect_size, redirSlide = G.redirect_buffer;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor