4e76995571
fixes for CVE-2017-5974, CVE-2017-5975, CVE-2017-5976, CVE-2017-5978, CVE-2017-5979, CVE-2017-5980 and CVE-2017-5981. Patches from SuSe via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854727#35
15 lines
506 B
Diff
15 lines
506 B
Diff
Index: zziplib-0.13.62/zzip/fseeko.c
|
|
===================================================================
|
|
--- zzip/fseeko.c
|
|
+++ zzip/fseeko.c
|
|
@@ -311,7 +311,8 @@ zzip_entry_findfirst(FILE * disk)
|
|
} else
|
|
continue;
|
|
|
|
- assert(0 <= root && root < mapsize);
|
|
+ if (root < 0 || root >= mapsize)
|
|
+ goto error;
|
|
if (fseeko(disk, root, SEEK_SET) == -1)
|
|
goto error;
|
|
if (fread(disk_(entry), 1, sizeof(*disk_(entry)), disk)
|