archivers/libzip:

- Add patch to fix CVE-2015-2331: ZIP Integer Overflow [1]
- Add CPE

PR:		198913 [1]
Reported by:	Sevan Janiyan
Max Brazhnikov 2015-03-28 16:48:15 +00:00
parent 99c3bc7633
commit 31a383009b
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=382523
2 changed files with 18 additions and 2 deletions


@ -3,16 +3,18 @@
PORTNAME= libzip
PORTVERSION= 0.11.2
PORTREVISION= 1
PORTREVISION= 2
CATEGORIES= archivers devel
MASTER_SITES= http://www.nih.at/libzip/
MAINTAINER= makc@FreeBSD.org
COMMENT= C library for reading, creating, and modifying ZIP archives
CPE_VENDOR= nih
GNU_CONFIGURE= yes
MAKE_ENV= LC_ALL="C"
USES= libtool pathfix tar:xz
USES= cpe libtool pathfix tar:xz
USE_LDCONFIG= yes
INSTALL_TARGET= install-strip


@ -0,0 +1,14 @@
CVE-2015-2331: ZIP Integer Overflow
Upstream commit: http://hg.nih.at/libzip/rev/9f11d54f692e
--- lib/zip_dirent.c.orig 2013-11-28 16:57:10 UTC
+++ lib/zip_dirent.c
@@ -110,7 +110,7 @@ _zip_cdir_new(zip_uint64_t nentry, struc
if (nentry == 0)
cd->entry = NULL;
- else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
+ else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
_zip_error_set(error, ZIP_ER_MEMORY, 0);
free(cd);
return NULL;
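Review bot: The added bound `nentry > SIZE_MAX/sizeof(*(cd->entry))` depends on `SIZE_MAX` being defined, and the patch adds no include to lib/zip_dirent.c. Whether an existing header already provides it is not visible in this hunk, so it is worth confirming the port builds on every supported platform. The guard is also only effective because it is evaluated before the `malloc` in the same `||` chain, so the truncating `(size_t)nentry` cast and the multiplication are never reached for an oversized count. A short comment above the condition, such as `/* reject nentry whose allocation size would overflow size_t; must be tested before malloc (CVE-2015-2331) */`, would keep a later edit from reordering it. The body of `_zip_cdir_new` continues outside the hunk, so any other size computation using `nentry` is not covered by this review.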