- Update to 1.3.12
- Fix security issues [1] Obtained from: SA-06:21.gzip [1] Security: 11a84092-8f9f-11db-ab33-000e0c2e438a, SA-06:21.gzip
This commit is contained in:
parent
e021b5a949
commit
1f7fbee7d8
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=192853
4 changed files with 198 additions and 4 deletions
|
@ -6,7 +6,7 @@
|
|||
#
|
||||
|
||||
PORTNAME= gzip
|
||||
PORTVERSION= 1.3.9
|
||||
PORTVERSION= 1.3.12
|
||||
CATEGORIES= archivers
|
||||
MASTER_SITES= ${MASTER_SITE_GNU}
|
||||
MASTER_SITE_SUBDIR= ${PORTNAME}
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
MD5 (gzip-1.3.9.tar.gz) = 7cf923b24b718c418e85a283b2260e14
|
||||
SHA256 (gzip-1.3.9.tar.gz) = a6fdbe5ce21f5e4ce219375c29e842da517e61a56900a678cf258b4fdd603e72
|
||||
SIZE (gzip-1.3.9.tar.gz) = 420737
|
||||
MD5 (gzip-1.3.12.tar.gz) = b5bac2d21840ae077e0217bc5e4845b1
|
||||
SHA256 (gzip-1.3.12.tar.gz) = 3f565be05f7f3d1aff117c030eb7c738300510b7d098cedea796ca8e4cd587af
|
||||
SIZE (gzip-1.3.12.tar.gz) = 462169
|
||||
|
|
193
archivers/gzip/files/patch-FreeBSD-SA-06-21.gzip
Normal file
193
archivers/gzip/files/patch-FreeBSD-SA-06-21.gzip
Normal file
|
@ -0,0 +1,193 @@
|
|||
--- gzip.h.orig Tue Jun 5 16:51:48 2007
|
||||
+++ gzip.h Tue Jun 5 16:52:40 2007
|
||||
@@ -223,6 +223,8 @@
|
||||
extern int to_stdout; /* output to stdout (-c) */
|
||||
extern int save_orig_name; /* set if original name must be saved */
|
||||
|
||||
+#define MIN(a,b) ((a) <= (b) ? (a) : (b))
|
||||
+
|
||||
#define get_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(0))
|
||||
#define try_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(1))
|
||||
|
||||
--- inflate.c.orig Tue Jun 5 16:41:18 2007
|
||||
+++ inflate.c Tue Jun 5 16:42:31 2007
|
||||
@@ -335,16 +335,9 @@
|
||||
} while (--i);
|
||||
if (c[0] == n) /* null input--all zero length codes */
|
||||
{
|
||||
- q = (struct huft *) malloc (2 * sizeof *q);
|
||||
- if (!q)
|
||||
- return 3;
|
||||
- hufts += 2;
|
||||
- q[0].v.t = (struct huft *) NULL;
|
||||
- q[1].e = 99; /* invalid code marker */
|
||||
- q[1].b = 1;
|
||||
- *t = q + 1;
|
||||
- *m = 1;
|
||||
- return 0;
|
||||
+ *t = (struct huft *)NULL;
|
||||
+ *m = 0;
|
||||
+ return 2;
|
||||
}
|
||||
|
||||
|
||||
--- unlzh.c.orig Tue Jun 5 16:42:54 2007
|
||||
+++ unlzh.c Tue Jun 5 16:50:29 2007
|
||||
@@ -145,13 +145,17 @@
|
||||
unsigned i, k, len, ch, jutbits, avail, nextcode, mask;
|
||||
|
||||
for (i = 1; i <= 16; i++) count[i] = 0;
|
||||
- for (i = 0; i < (unsigned)nchar; i++) count[bitlen[i]]++;
|
||||
+ for (i = 0; i < (unsigned)nchar; i++) {
|
||||
+ if (bitlen[i] > 16)
|
||||
+ gzip_error("Bad table (case a)\n");
|
||||
+ else count[bitlen[i]]++;
|
||||
+ }
|
||||
|
||||
start[1] = 0;
|
||||
for (i = 1; i <= 16; i++)
|
||||
start[i + 1] = start[i] + (count[i] << (16 - i));
|
||||
- if ((start[17] & 0xffff) != 0)
|
||||
- gzip_error ("Bad table\n");
|
||||
+ if ((start[17] & 0xffff) != 0 || tablebits > 16) /* 16 for weight below */
|
||||
+ gzip_error("Bad table (case b)\n");
|
||||
|
||||
jutbits = 16 - tablebits;
|
||||
for (i = 1; i <= (unsigned)tablebits; i++) {
|
||||
@@ -165,15 +169,15 @@
|
||||
|
||||
i = start[tablebits + 1] >> jutbits;
|
||||
if (i != 0) {
|
||||
- k = 1 << tablebits;
|
||||
- while (i != k) table[i++] = 0;
|
||||
+ k = MIN(1 << tablebits, DIST_BUFSIZE);
|
||||
+ while (i < k) table[i++] = 0;
|
||||
}
|
||||
|
||||
avail = nchar;
|
||||
mask = (unsigned) 1 << (15 - tablebits);
|
||||
for (ch = 0; ch < (unsigned)nchar; ch++) {
|
||||
if ((len = bitlen[ch]) == 0) continue;
|
||||
- nextcode = start[len] + weight[len];
|
||||
+ nextcode = MIN(start[len] + weight[len], DIST_BUFSIZE);
|
||||
if (len <= (unsigned)tablebits) {
|
||||
if ((unsigned) 1 << tablebits < nextcode)
|
||||
gzip_error ("Bad table\n");
|
||||
@@ -216,7 +220,7 @@
|
||||
for (i = 0; i < 256; i++) pt_table[i] = c;
|
||||
} else {
|
||||
i = 0;
|
||||
- while (i < n) {
|
||||
+ while (i < MIN(n,NPT)) {
|
||||
c = bitbuf >> (BITBUFSIZ - 3);
|
||||
if (c == 7) {
|
||||
mask = (unsigned) 1 << (BITBUFSIZ - 1 - 3);
|
||||
@@ -228,7 +232,7 @@
|
||||
pt_len[i++] = c;
|
||||
if (i == i_special) {
|
||||
c = getbits(2);
|
||||
- while (--c >= 0) pt_len[i++] = 0;
|
||||
+ while (--c >= 0 && i < NPT) pt_len[i++] = 0;
|
||||
}
|
||||
}
|
||||
while (i < nn) pt_len[i++] = 0;
|
||||
@@ -248,7 +252,7 @@
|
||||
for (i = 0; i < 4096; i++) c_table[i] = c;
|
||||
} else {
|
||||
i = 0;
|
||||
- while (i < n) {
|
||||
+ while (i < MIN(n,NC)) {
|
||||
c = pt_table[bitbuf >> (BITBUFSIZ - 8)];
|
||||
if (c >= NT) {
|
||||
mask = (unsigned) 1 << (BITBUFSIZ - 1 - 8);
|
||||
@@ -256,14 +260,14 @@
|
||||
if (bitbuf & mask) c = right[c];
|
||||
else c = left [c];
|
||||
mask >>= 1;
|
||||
- } while (c >= NT);
|
||||
+ } while (c >= NT && (mask || c != left[c]));
|
||||
}
|
||||
fillbuf((int) pt_len[c]);
|
||||
if (c <= 2) {
|
||||
if (c == 0) c = 1;
|
||||
else if (c == 1) c = getbits(4) + 3;
|
||||
else c = getbits(CBIT) + 20;
|
||||
- while (--c >= 0) c_len[i++] = 0;
|
||||
+ while (--c >= 0 && i < NC) c_len[i++] = 0;
|
||||
} else c_len[i++] = c - 2;
|
||||
}
|
||||
while (i < NC) c_len[i++] = 0;
|
||||
@@ -292,7 +296,7 @@
|
||||
if (bitbuf & mask) j = right[j];
|
||||
else j = left [j];
|
||||
mask >>= 1;
|
||||
- } while (j >= NC);
|
||||
+ } while (j >= NC && (mask || j != left[j]));
|
||||
}
|
||||
fillbuf((int) c_len[j]);
|
||||
return j;
|
||||
@@ -309,7 +313,7 @@
|
||||
if (bitbuf & mask) j = right[j];
|
||||
else j = left [j];
|
||||
mask >>= 1;
|
||||
- } while (j >= NP);
|
||||
+ } while (j >= NP && (mask || j != left[j]));
|
||||
}
|
||||
fillbuf((int) pt_len[j]);
|
||||
if (j != 0) j = ((unsigned) 1 << (j - 1)) + getbits((int) (j - 1));
|
||||
@@ -356,7 +360,7 @@
|
||||
while (--j >= 0) {
|
||||
buffer[r] = buffer[i];
|
||||
i = (i + 1) & (DICSIZ - 1);
|
||||
- if (++r == count) return r;
|
||||
+ if (++r >= count) return r;
|
||||
}
|
||||
for ( ; ; ) {
|
||||
c = decode_c();
|
||||
@@ -366,14 +370,14 @@
|
||||
}
|
||||
if (c <= UCHAR_MAX) {
|
||||
buffer[r] = c;
|
||||
- if (++r == count) return r;
|
||||
+ if (++r >= count) return r;
|
||||
} else {
|
||||
j = c - (UCHAR_MAX + 1 - THRESHOLD);
|
||||
i = (r - decode_p() - 1) & (DICSIZ - 1);
|
||||
while (--j >= 0) {
|
||||
buffer[r] = buffer[i];
|
||||
i = (i + 1) & (DICSIZ - 1);
|
||||
- if (++r == count) return r;
|
||||
+ if (++r >= count) return r;
|
||||
}
|
||||
}
|
||||
}
|
||||
--- unpack.c.orig Tue Jun 5 16:50:39 2007
|
||||
+++ unpack.c Tue Jun 5 16:51:36 2007
|
||||
@@ -26,9 +26,6 @@
|
||||
#include "gzip.h"
|
||||
#include "crypt.h"
|
||||
|
||||
-#define MIN(a,b) ((a) <= (b) ? (a) : (b))
|
||||
-/* The arguments must not have side effects. */
|
||||
-
|
||||
#define MAX_BITLEN 25
|
||||
/* Maximum length of Huffman codes. (Minor modifications to the code
|
||||
* would be needed to support 32 bits codes, but pack never generates
|
||||
@@ -150,7 +147,7 @@
|
||||
/* Remember where the literals of this length start in literal[] : */
|
||||
lit_base[len] = base;
|
||||
/* And read the literals: */
|
||||
- for (n = leaves[len]; n > 0; n--) {
|
||||
+ for (n = leaves[len]; n > 0 && base < LITERALS; n--) {
|
||||
literal[base++] = (uch)get_byte();
|
||||
}
|
||||
}
|
||||
@@ -186,7 +183,7 @@
|
||||
prefixp = &prefix_len[1<<peek_bits];
|
||||
for (len = 1; len <= peek_bits; len++) {
|
||||
int prefixes = leaves[len] << (peek_bits-len); /* may be 0 */
|
||||
- while (prefixes--) *--prefixp = (uch)len;
|
||||
+ while (prefixes-- && prefixp > prefix_len) *--prefixp = (uch)len;
|
||||
}
|
||||
/* The length of all other codes is unknown: */
|
||||
while (prefixp > prefix_len) *--prefixp = 0;
|
|
@ -2,6 +2,7 @@
|
|||
bin/gunzip
|
||||
bin/gzexe
|
||||
bin/gzip
|
||||
bin/uncompress
|
||||
bin/zcat
|
||||
bin/zcmp
|
||||
bin/zdiff
|
||||
|
|
Loading…
Reference in a new issue