diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2008-03-29 02:37:33 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2008-03-29 02:37:33 +0000 |
| commit | bdbfefadfcaf4749c2d703cd5bb7a4fbf24d2262 (patch) | |
| tree | ff43b7d0a409ebd972dcb4365dfb31dfb71b149c /app-arch/unzip/files | |
| parent | old (diff) | |
| download | gentoo-2-bdbfefadfcaf4749c2d703cd5bb7a4fbf24d2262.tar.gz gentoo-2-bdbfefadfcaf4749c2d703cd5bb7a4fbf24d2262.tar.bz2 gentoo-2-bdbfefadfcaf4749c2d703cd5bb7a4fbf24d2262.zip | |
Fix for CVE-2008-0888 #213761.
(Portage version: 2.2_pre5)
Diffstat (limited to 'app-arch/unzip/files')
| -rw-r--r-- | app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch b/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch new file mode 100644 index 000000000000..368b3eeb122d --- /dev/null +++ b/app-arch/unzip/files/unzip-5.52-CVE-2008-0888.patch @@ -0,0 +1,35 @@ +http://bugs.gentoo.org/213761 + +fix for CVE-2008-0888 + +--- inflate.c ++++ inflate.c +@@ -983,6 +983,7 @@ + unsigned l; /* last length */ + unsigned m; /* mask for bit lengths table */ + unsigned n; /* number of lengths to get */ ++ struct huft *tlp; + struct huft *tl; /* literal/length code table */ + struct huft *td; /* distance code table */ + unsigned bl; /* lookup bits for tl */ +@@ -996,6 +997,8 @@ + int retval = 0; /* error code returned: initialized to "no error" */ + + ++ td = tlp = tl = (struct huft *)NULL; ++ + /* make local bit buffer */ + Trace((stderr, "\ndynamic block")); + b = G.bb; +@@ -1047,9 +1050,9 @@ + while (i < n) + { + NEEDBITS(bl) +- j = (td = tl + ((unsigned)b & m))->b; ++ j = (tlp = tl + ((unsigned)b & m))->b; + DUMPBITS(j) +- j = td->v.n; ++ j = tlp->v.n; + if (j < 16) /* length of code in bits (0..15) */ + ll[i++] = l = j; /* save last length in l */ + else if (j == 16) /* repeat last length 3 to 6 times */ |