summary refs log tree commit diff
path: root/gnu/packages/patches/zziplib-CVE-2017-5974.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/zziplib-CVE-2017-5974.patch')
-rw-r--r--gnu/packages/patches/zziplib-CVE-2017-5974.patch28
1 files changed, 0 insertions, 28 deletions
diff --git a/gnu/packages/patches/zziplib-CVE-2017-5974.patch b/gnu/packages/patches/zziplib-CVE-2017-5974.patch
deleted file mode 100644
index 9ae02103e7..0000000000
--- a/gnu/packages/patches/zziplib-CVE-2017-5974.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Fix CVE-2017-5974:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5974
-
-Patch copied from Debian.
-
-Index: zziplib-0.13.62/zzip/memdisk.c
-===================================================================
---- zziplib-0.13.62.orig/zzip/memdisk.c
-+++ zziplib-0.13.62/zzip/memdisk.c
-@@ -216,12 +216,12 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
-         /* override sizes/offsets with zip64 values for largefile support */
-         zzip_extra_zip64 *block = (zzip_extra_zip64 *)
-             zzip_mem_entry_extra_block(item, ZZIP_EXTRA_zip64);
--        if (block)
-+        if (block && ZZIP_GET16(block->z_datasize) >= (8 + 8 + 8 + 4))
-         {
--            item->zz_usize = __zzip_get64(block->z_usize);
--            item->zz_csize = __zzip_get64(block->z_csize);
--            item->zz_offset = __zzip_get64(block->z_offset);
--            item->zz_diskstart = __zzip_get32(block->z_diskstart);
-+            item->zz_usize = ZZIP_GET64(block->z_usize);
-+            item->zz_csize = ZZIP_GET64(block->z_csize);
-+            item->zz_offset = ZZIP_GET64(block->z_offset);
-+            item->zz_diskstart = ZZIP_GET32(block->z_diskstart);
-         }
-     }
-     /* NOTE:
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-20 02:27:08 +0000