summary refs log tree commit diff
path: root/gnu/packages/patches/lrzip-CVE-2017-8842.patch
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2018-03-18 01:09:25 +0100
committerMarius Bakke <mbakke@fastmail.com>2018-03-18 01:09:25 +0100
commit7ace97395feedc4b3ec23be65f2ed63f29aac9a9 (patch)
tree768956fa30fc7b21e4e4715eafbb10dab32b2847 /gnu/packages/patches/lrzip-CVE-2017-8842.patch
parenta248a9ac6a67213b177ab5ba9ec270638c9dd002 (diff)
parentbe5ed142135e939cd23fcfe88c553fd28b32ac53 (diff)
downloadguix-7ace97395feedc4b3ec23be65f2ed63f29aac9a9.tar.gz
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches/lrzip-CVE-2017-8842.patch')
-rw-r--r--gnu/packages/patches/lrzip-CVE-2017-8842.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/gnu/packages/patches/lrzip-CVE-2017-8842.patch b/gnu/packages/patches/lrzip-CVE-2017-8842.patch
new file mode 100644
index 0000000000..89b4f2f5d9
--- /dev/null
+++ b/gnu/packages/patches/lrzip-CVE-2017-8842.patch
@@ -0,0 +1,23 @@
+From 38386bd482c0a8102a79958cb3eddcb97a167ca3 Mon Sep 17 00:00:00 2001
+From: Con Kolivas <kernel@kolivas.org>
+Date: Fri, 9 Mar 2018 17:39:40 +1100
+Subject: [PATCH] CVE-2017-8842 Fix divide-by-zero in bufRead::get
+
+---
+ libzpaq/libzpaq.h | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libzpaq/libzpaq.h b/libzpaq/libzpaq.h
+index 93387da..cbe211d 100644
+--- a/libzpaq/libzpaq.h
++++ b/libzpaq/libzpaq.h
+@@ -465,7 +465,8 @@ struct bufRead: public libzpaq::Reader {
+ 
+ 	int get() {
+ 		if (progress && !(*s_len % 128)) {
+-			int pct = (total_len - *s_len) * 100 / total_len;
++			int pct = (total_len > 0) ?
++				(total_len - *s_len) * 100 / total_len : 100;
+ 
+ 			if (pct / 10 != *last_pct / 10) {
+ 				int i;