File zziplib-CVE-2017-5978.patch of Package zziplib.4426

Overview Repositories Revisions Requests Users Attributes Meta

File zziplib-CVE-2017-5978.patch of Package zziplib.4426

Index: zziplib-0.13.62/zzip/memdisk.c
===================================================================
--- zziplib-0.13.62.orig/zzip/memdisk.c
+++ zziplib-0.13.62/zzip/memdisk.c
@@ -180,7 +180,7 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
      *  that exists in the other, ... but we will prefer the disk entry.
      */
     item->zz_comment = zzip_disk_entry_strdup_comment(disk, entry);
-    item->zz_name = zzip_disk_entry_strdup_name(disk, entry);
+    item->zz_name = zzip_disk_entry_strdup_name(disk, entry) ?: strdup("");
     item->zz_data = zzip_file_header_to_data(header);
     item->zz_flags = zzip_disk_entry_get_flags(entry);
     item->zz_compr = zzip_disk_entry_get_compr(entry);
@@ -197,7 +197,7 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
         int /*            */ ext2 = zzip_file_header_get_extras(header);
         char *_zzip_restrict ptr2 = zzip_file_header_to_extras(header);
 
-        if (ext1)
+        if (ext1 && ((ptr1 + ext1) < disk->endbuf))
         {
             void *mem = malloc(ext1 + 2);
             item->zz_ext[1] = mem;
@@ -206,7 +206,7 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
             ((char *) (mem))[ext1 + 0] = 0;
             ((char *) (mem))[ext1 + 1] = 0;
         }
-        if (ext2)
+        if (ext2 && ((ptr2 + ext2) < disk->endbuf))
         {
             void *mem = malloc(ext2 + 2);
             item->zz_ext[2] = mem;

Places

File zziplib-CVE-2017-5978.patch of Package zziplib.4426

Places