File CVE-2018-7725.patch of Package zziplib.35220

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2018-7725.patch of Package zziplib.35220

Index: zziplib-0.13.69/zzip/memdisk.c
===================================================================
--- zziplib-0.13.69.orig/zzip/memdisk.c
+++ zziplib-0.13.69/zzip/memdisk.c
@@ -222,6 +222,14 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
     item->zz_filetype = zzip_disk_entry_get_filetype(entry);
 
     /*
+     * If zz_data+zz_csize exceeds the size of the file, bail out
+     */
+    if ((item->zz_data + item->zz_csize) < disk->buffer ||
+        (item->zz_data + item->zz_csize) >= disk->endbuf)
+    {
+        goto error;
+    }
+    /*
      * If the file is uncompressed, zz_csize and zz_usize should be the same
      * If they are not, we cannot guarantee that either is correct, so ...
      */
Index: zziplib-0.13.69/zzip/zip.c
===================================================================
--- zziplib-0.13.69.orig/zzip/zip.c
+++ zziplib-0.13.69/zzip/zip.c
@@ -408,7 +408,7 @@ __zzip_parse_root_directory(int fd,
                             struct _disk_trailer *trailer,
                             struct zzip_dir_hdr **hdr_return,
                             zzip_plugin_io_t io,
-			    zzip_off_t filesize);
+			    zzip_off_t filesize)
 {
     auto struct zzip_disk_entry dirent;
     struct zzip_dir_hdr *hdr;

Places

File CVE-2018-7725.patch of Package zziplib.35220

Places