diff options
Diffstat (limited to 'dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch')
-rw-r--r-- | dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch b/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch deleted file mode 100644 index 3d1f9a0aabc3..000000000000 --- a/dev-libs/libzip/files/libzip-1.2.0-CVE-2017-14107.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 9b46957ec98d85a572e9ef98301247f39338a3b5 Mon Sep 17 00:00:00 2001 -From: Thomas Klausner <tk@giga.or.at> -Date: Tue, 29 Aug 2017 10:25:03 +0200 -Subject: [PATCH] Make eocd checks more consistent between zip and zip64 cases. - ---- - lib/zip_open.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/zip_open.c b/lib/zip_open.c -index 3bd593b..9d3a4cb 100644 ---- a/lib/zip_open.c -+++ b/lib/zip_open.c -@@ -847,7 +847,12 @@ _zip_read_eocd64(zip_source_t *src, zip_buffer_t *buffer, zip_uint64_t buf_offse - zip_error_set(error, ZIP_ER_SEEK, EFBIG); - return NULL; - } -- if ((flags & ZIP_CHECKCONS) && offset+size != eocd_offset) { -+ if (offset+size > buf_offset + eocd_offset) { -+ /* cdir spans past EOCD record */ -+ zip_error_set(error, ZIP_ER_INCONS, 0); -+ return NULL; -+ } -+ if ((flags & ZIP_CHECKCONS) && offset+size != buf_offset + eocd_offset) { - zip_error_set(error, ZIP_ER_INCONS, 0); - return NULL; - } |