mirror of https://git.openwrt.org/feed/packages.git synced 2024-06-17 21:03:56 +02:00
openwrt-packages/utils/unzip/patches/006-CVE-2015-7697-infinite-loop.patch
Álvaro Fernández Rojas b88213b3a7 unzip: patch CVE-2015-7696, CVE-2015-7697 and integer underflow
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2015-11-01 16:19:56 +01:00


--- a/extract.c
+++ b/extract.c
@@ -2728,6 +2728,12 @@ __GDEF
int repeated_buf_err;
bz_stream bstrm;
+ if (G.incnt <= 0 && G.csize <= 0L) {
+ /* avoid an infinite loop */
+ Trace((stderr, "UZbunzip2() got empty input\n"));
+ return 2;
+ }
+
#if (defined(DLL) && !defined(NO_SLIDE_REDIR))
if (G.redirect_slide)
wsize = G.redirect_size, redirSlide = G.redirect_buffer;
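Review bot: The comment `/* avoid an infinite loop */` on the new guard does not say which state causes the loop, and the bare `return 2` gives no hint of what the caller does with that value. I would spell out the condition, e.g. `/* CVE-2015-7697: no buffered input (incnt) and no compressed bytes left (csize), so the decode loop below could never make progress */`, and note beside the return which error class 2 stands for in this function (presumably the corrupt-data code; confirm against the caller). Trace() looks like a debug-only macro, so it is worth confirming that the caller reports the non-zero return to the user and a malformed entry is not skipped silently. The guard only covers the state on entry, and the enclosing function (UZbunzip2, going by the trace message) starts and continues outside the hunk, so whether the loop itself stops when input runs out mid-stream cannot be judged from here.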