1 files changed, 78 insertions, 120 deletions
diff --git a/meta/recipes-extended/unzip/unzip/fix-security-format.patch b/meta/recipes-extended/unzip/unzip/fix-security-format.patch
index c82f502552..8e9b06c423 100644
--- a/meta/recipes-extended/unzip/unzip/fix-security-format.patch
+++ b/meta/recipes-extended/unzip/unzip/fix-security-format.patch
@@ -9,131 +9,89 @@ Upstream-Status: Pending
 Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
-diff --git a/unzpriv.h b/unzpriv.h
+diff --git a/extract.c b/extract.c
-index c8d3eab..85e693a 100644
+index 7cd9123..25c5a62 100644
--- a/unzpriv.h
+--- a/extract.c
-+++ b/unzpriv.h
+++ b/extract.c
-@@ -1006,7 +1006,7 @@
+@@ -475,7 +475,7 @@ int extract_or_test_files(__G)    /* return PK-type error code */
- #    define LoadFarStringSmall(x)   Qstrfix(x)
+                     Info(slide, 0x401, ((char *)slide,
- #    define LoadFarStringSmall2(x)  Qstrfix(x)
+                       LoadFarString(CentSigMsg), j + blknum*DIR_BLKSIZ + 1));
- #  else
+                     Info(slide, 0x401, ((char *)slide,
-#    define LoadFarString(x)        (char *)(x)
+-                      LoadFarString(ReportMsg)));
-+#    define LoadFarString(x)        "%s",(char *)(x)
+                      "%s",LoadFarString(ReportMsg)));
- #    define LoadFarStringSmall(x)   (char *)(x)
+                     error_in_archive = PK_BADERR;
- #    define LoadFarStringSmall2(x)  (char *)(x)
- #  endif
-diff --git a/fileio.c b/fileio.c
-index 36bfea3..ca779c2 100644
--- a/fileio.c
-+++ b/fileio.c
-@@ -588,8 +588,8 @@ unsigned readbuf(__G__ buf, size)   /* return number of bytes read into buf */
-             else if (G.incnt < 0) {
-                 /* another hack, but no real harm copying same thing twice */
-                 (*G.message)((zvoid *)&G,
-                  (uch *)LoadFarString(ReadError),  /* CANNOT use slide */
-                  (ulg)strlen(LoadFarString(ReadError)), 0x401);
-+                  (uch *)(char*)(ReadError),  /* CANNOT use slide */
-+                  (ulg)strlen((char*)(ReadError)), 0x401);
-                 return 0;  /* discarding some data; better than lock-up */
-             }
-             /* buffer ALWAYS starts on a block boundary:  */
-@@ -631,8 +631,8 @@ int readbyte(__G)   /* refill inbuf and return a byte if available, else EOF */
-         } else if (G.incnt < 0) {  /* "fail" (abort, retry, ...) returns this */
-             /* another hack, but no real harm copying same thing twice */
-             (*G.message)((zvoid *)&G,
-              (uch *)LoadFarString(ReadError),
-              (ulg)strlen(LoadFarString(ReadError)), 0x401);
-+              (uch *)(char*)(ReadError),
-+              (ulg)strlen((char*)(ReadError)), 0x401);
-             echon();
- #ifdef WINDLL
-             longjmp(dll_error_return, 1);
-@@ -1356,7 +1356,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
-                 ++((Uz_Globs *)pG)->lines;
-                 if (((Uz_Globs *)pG)->lines >= ((Uz_Globs *)pG)->height)
-                     (*((Uz_Globs *)pG)->mpause)((zvoid *)pG,
-                      LoadFarString(MorePrompt), 1);
-+                      (char*)(MorePrompt), 1);
-             }
- #endif /* MORE */
-             if (MSG_STDERR(flag) && ((Uz_Globs *)pG)->UzO.tflag &&
-@@ -1416,7 +1416,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
-                     ((Uz_Globs *)pG)->sol = TRUE;
-                     q = p + 1;
-                     (*((Uz_Globs *)pG)->mpause)((zvoid *)pG,
-                      LoadFarString(MorePrompt), 1);
-+                      (char*)(MorePrompt), 1);
                 }
+                 reached_end = TRUE;     /* ...so no more left to do */
+@@ -754,8 +754,8 @@ int extract_or_test_files(__G)    /* return PK-type error code */
+ #ifndef SFX
+     if (no_endsig_found) {                      /* just to make sure */
+-        Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+-        Info(slide, 0x401, ((char *)slide, LoadFarString(ReportMsg)));
+        Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
+        Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(ReportMsg)));
+         if (!error_in_archive)       /* don't overwrite stronger error */
+             error_in_archive = PK_WARN;
+     }
+diff --git a/list.c b/list.c
+index 15e0011..0b484f6 100644
+--- a/list.c
+++ b/list.c
+@@ -181,7 +181,7 @@ int list_files(__G)    /* return PK-type error code */
+                 Info(slide, 0x401,
+                      ((char *)slide, LoadFarString(CentSigMsg), j));
+                 Info(slide, 0x401,
+-                     ((char *)slide, LoadFarString(ReportMsg)));
+                     ((char *)slide, "%s", LoadFarString(ReportMsg)));
+                 return PK_BADERR;   /* sig not found */
             }
-             INCSTR(p);
+         }
-@@ -2176,7 +2176,7 @@ int do_string(__G__ length, option)   /* return PK-type error code */
+@@ -507,7 +507,7 @@ int list_files(__G)    /* return PK-type error code */
-                     (*G.message)((zvoid *)&G, slide, (ulg)(q-slide), 0);
+             && (!G.ecrec.is_zip64_archive)
-                     q = slide;
+             && (memcmp(G.sig, end_central_sig, 4) != 0)
-                     if (pause && G.extract_flag) /* don't pause for list/test */
+            ) {          /* just to make sure again */
-                        (*G.mpause)((zvoid *)&G, LoadFarString(QuitPrompt), 0);
+-            Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
-+                        (*G.mpause)((zvoid *)&G, (char*)(QuitPrompt), 0);
+            Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
-                 }
+             error_in_archive = PK_WARN;   /* didn't find sig */
+         }
+@@ -591,7 +591,7 @@ int get_time_stamp(__G__ last_modtime, nmember)  /* return PK-type error code */
+                 Info(slide, 0x401,
+                      ((char *)slide, LoadFarString(CentSigMsg), j));
+                 Info(slide, 0x401,
+-                     ((char *)slide, LoadFarString(ReportMsg)));
+                     ((char *)slide, "%s", LoadFarString(ReportMsg)));
+                 return PK_BADERR;   /* sig not found */
             }
-             (*G.message)((zvoid *)&G, slide, (ulg)(q-slide), 0);
+         }
-diff --git a/unzip.c b/unzip.c
+@@ -674,7 +674,7 @@ int get_time_stamp(__G__ last_modtime, nmember)  /* return PK-type error code */
-index 2d94a38..ca135af 100644
+   ---------------------------------------------------------------------------*/
--- a/unzip.c
-+++ b/unzip.c
-@@ -1079,7 +1079,7 @@ int unzip(__G__ argc, argv)
- #ifndef _WIN32_WCE /* Win CE does not support environment variables */
-         if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvZipInfo),
-                              LoadFarStringSmall2(EnvZipInfo2))) != PK_OK)
-            perror(LoadFarString(NoMemEnvArguments));
-+            perror((char*)(NoMemEnvArguments));
- #endif
-     } else
- #endif /* !NO_ZIPINFO */
-@@ -1088,7 +1088,7 @@ int unzip(__G__ argc, argv)
- #ifndef _WIN32_WCE /* Win CE does not support environment variables */
-         if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvUnZip),
-                              LoadFarStringSmall2(EnvUnZip2))) != PK_OK)
-            perror(LoadFarString(NoMemEnvArguments));
-+            perror((char*)(NoMemEnvArguments));
- #endif
-     }
 
+     if (memcmp(G.sig, end_central_sig, 4)) {    /* just to make sure again */
+-        Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+        Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
+         error_in_archive = PK_WARN;
+     }
+     if (*nmember == 0L && error_in_archive <= PK_WARN)
 diff --git a/zipinfo.c b/zipinfo.c
-index 0ac75b3..8a0887c 100644
+index 0ac75b3..1e7fa82 100644
 --- a/zipinfo.c
 +++ b/zipinfo.c
-@@ -1640,14 +1640,14 @@ static int zi_long(__G__ pEndprev, error_in_archive)
+@@ -833,7 +833,7 @@ int zipinfo(__G)   /* return PK-type error code */
+                 Info(slide, 0x401,
+                      ((char *)slide, LoadFarString(CentSigMsg), j));
+                 Info(slide, 0x401,
+-                     ((char *)slide, LoadFarString(ReportMsg)));
+                     ((char *)slide, "%s", LoadFarString(ReportMsg)));
+                 error_in_archive = PK_BADERR;   /* sig not found */
+                 break;
+             }
+@@ -1022,7 +1022,7 @@ int zipinfo(__G)   /* return PK-type error code */
+             && (!G.ecrec.is_zip64_archive)
+             && (memcmp(G.sig, end_central_sig, 4) != 0)
+            ) {          /* just to make sure again */
+-            Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
+            Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
+             error_in_archive = PK_WARN;   /* didn't find sig */
+         }
 
-                         *types = '\0';
-                         if (*ef_ptr & 1) {
-                            strcpy(types, LoadFarString(UTmodification));
-+                            strcpy(types, (char*)(UTmodification));
-                             ++num;
-                         }
-                         if (*ef_ptr & 2) {
-                             len = strlen(types);
-                             if (num)
-                                 types[len++] = '/';
-                            strcpy(types+len, LoadFarString(UTaccess));
-+                            strcpy(types+len, (char*)(UTaccess));
-                             ++num;
-                             if (*pEndprev > 0L)
-                                 *pEndprev += 4L;
-@@ -1656,7 +1656,7 @@ static int zi_long(__G__ pEndprev, error_in_archive)
-                             len = strlen(types);
-                             if (num)
-                                 types[len++] = '/';
-                            strcpy(types+len, LoadFarString(UTcreation));
-+                            strcpy(types+len, (char *)(UTcreation));
-                             ++num;
-                             if (*pEndprev > 0L)
-                                 *pEndprev += 4L;
-@@ -2331,7 +2331,7 @@ static char *zi_time(__G__ datetimez, modtimez, d_t_str)
-             /* time conversion error in verbose listing format,
-              * return string with '?' instead of data
-              */
-            return (strcpy(d_t_str, LoadFarString(lngYMDHMSTimeError)));
-+            return (strcpy(d_t_str, (char*)(lngYMDHMSTimeError)));
-     } else
-         t = (struct tm *)NULL;
-     if (t != (struct tm *)NULL) {

diff --git a/meta/recipes-extended/unzip/unzip/fix-security-format.patch b/meta/recipes-extended/unzip/unzip/fix-security-format.patch index c82f502552..8e9b06c423 100644 --- a/meta/recipes-extended/unzip/unzip/fix-security-format.patch +++ b/meta/recipes-extended/unzip/unzip/fix-security-format.patch
@@ -9,131 +9,89 @@ Upstream-Status: Pending
9		9
10	Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>	10	Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
11		11
12	diff --git a/unzpriv.h b/unzpriv.h	12	diff --git a/extract.c b/extract.c
13	index c8d3eab..85e693a 100644	13	index 7cd9123..25c5a62 100644
14	--- a/unzpriv.h	14	--- a/extract.c
15	+++ b/unzpriv.h	15	+++ b/extract.c
16	@@ -1006,7 +1006,7 @@	16	@@ -475,7 +475,7 @@ int extract_or_test_files(__G) /* return PK-type error code */
17	# define LoadFarStringSmall(x) Qstrfix(x)	17	Info(slide, 0x401, ((char *)slide,
18	# define LoadFarStringSmall2(x) Qstrfix(x)	18	LoadFarString(CentSigMsg), j + blknum*DIR_BLKSIZ + 1));
19	# else	19	Info(slide, 0x401, ((char *)slide,
20	-# define LoadFarString(x) (char *)(x)	20	- LoadFarString(ReportMsg)));
21	+# define LoadFarString(x) "%s",(char *)(x)	21	+ "%s",LoadFarString(ReportMsg)));
22	# define LoadFarStringSmall(x) (char *)(x)	22	error_in_archive = PK_BADERR;
23	# define LoadFarStringSmall2(x) (char *)(x)
24	# endif
25	diff --git a/fileio.c b/fileio.c
26	index 36bfea3..ca779c2 100644
27	--- a/fileio.c
28	+++ b/fileio.c
29	@@ -588,8 +588,8 @@ unsigned readbuf(__G__ buf, size) /* return number of bytes read into buf */
30	else if (G.incnt < 0) {
31	/* another hack, but no real harm copying same thing twice */
32	(G.message)((zvoid )&G,
33	- (uch )LoadFarString(ReadError), / CANNOT use slide */
34	- (ulg)strlen(LoadFarString(ReadError)), 0x401);
35	+ (uch )(char)(ReadError), /* CANNOT use slide */
36	+ (ulg)strlen((char*)(ReadError)), 0x401);
37	return 0; /* discarding some data; better than lock-up */
38	}
39	/* buffer ALWAYS starts on a block boundary: */
40	@@ -631,8 +631,8 @@ int readbyte(__G) /* refill inbuf and return a byte if available, else EOF */
41	} else if (G.incnt < 0) { /* "fail" (abort, retry, ...) returns this */
42	/* another hack, but no real harm copying same thing twice */
43	(G.message)((zvoid )&G,
44	- (uch *)LoadFarString(ReadError),
45	- (ulg)strlen(LoadFarString(ReadError)), 0x401);
46	+ (uch )(char)(ReadError),
47	+ (ulg)strlen((char*)(ReadError)), 0x401);
48	echon();
49	#ifdef WINDLL
50	longjmp(dll_error_return, 1);
51	@@ -1356,7 +1356,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
52	++((Uz_Globs *)pG)->lines;
53	if (((Uz_Globs )pG)->lines >= ((Uz_Globs )pG)->height)
54	(((Uz_Globs )pG)->mpause)((zvoid *)pG,
55	- LoadFarString(MorePrompt), 1);
56	+ (char*)(MorePrompt), 1);
57	}
58	#endif /* MORE */
59	if (MSG_STDERR(flag) && ((Uz_Globs *)pG)->UzO.tflag &&
60	@@ -1416,7 +1416,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
61	((Uz_Globs *)pG)->sol = TRUE;
62	q = p + 1;
63	(((Uz_Globs )pG)->mpause)((zvoid *)pG,
64	- LoadFarString(MorePrompt), 1);
65	+ (char*)(MorePrompt), 1);
66	}	23	}
		24	reached_end = TRUE; /* ...so no more left to do */
		25	@@ -754,8 +754,8 @@ int extract_or_test_files(__G) /* return PK-type error code */
		26
		27	#ifndef SFX
		28	if (no_endsig_found) { /* just to make sure */
		29	- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
		30	- Info(slide, 0x401, ((char *)slide, LoadFarString(ReportMsg)));
		31	+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
		32	+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(ReportMsg)));
		33	if (!error_in_archive) /* don't overwrite stronger error */
		34	error_in_archive = PK_WARN;
		35	}
		36	diff --git a/list.c b/list.c
		37	index 15e0011..0b484f6 100644
		38	--- a/list.c
		39	+++ b/list.c
		40	@@ -181,7 +181,7 @@ int list_files(__G) /* return PK-type error code */
		41	Info(slide, 0x401,
		42	((char *)slide, LoadFarString(CentSigMsg), j));
		43	Info(slide, 0x401,
		44	- ((char *)slide, LoadFarString(ReportMsg)));
		45	+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
		46	return PK_BADERR; /* sig not found */
67	}	47	}
68	INCSTR(p);	48	}
69	@@ -2176,7 +2176,7 @@ int do_string(__G__ length, option) /* return PK-type error code */	49	@@ -507,7 +507,7 @@ int list_files(__G) /* return PK-type error code */
70	(G.message)((zvoid )&G, slide, (ulg)(q-slide), 0);	50	&& (!G.ecrec.is_zip64_archive)
71	q = slide;	51	&& (memcmp(G.sig, end_central_sig, 4) != 0)
72	if (pause && G.extract_flag) /* don't pause for list/test */	52	) { /* just to make sure again */
73	- (G.mpause)((zvoid )&G, LoadFarString(QuitPrompt), 0);	53	- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
74	+ (G.mpause)((zvoid )&G, (char*)(QuitPrompt), 0);	54	+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
75	}	55	error_in_archive = PK_WARN; /* didn't find sig */
		56	}
		57
		58	@@ -591,7 +591,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
		59	Info(slide, 0x401,
		60	((char *)slide, LoadFarString(CentSigMsg), j));
		61	Info(slide, 0x401,
		62	- ((char *)slide, LoadFarString(ReportMsg)));
		63	+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
		64	return PK_BADERR; /* sig not found */
76	}	65	}
77	(G.message)((zvoid )&G, slide, (ulg)(q-slide), 0);	66	}
78	diff --git a/unzip.c b/unzip.c	67	@@ -674,7 +674,7 @@ int get_time_stamp(__G__ last_modtime, nmember) /* return PK-type error code */
79	index 2d94a38..ca135af 100644	68	---------------------------------------------------------------------------*/
80	--- a/unzip.c
81	+++ b/unzip.c
82	@@ -1079,7 +1079,7 @@ int unzip(__G__ argc, argv)
83	#ifndef _WIN32_WCE /* Win CE does not support environment variables */
84	if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvZipInfo),
85	LoadFarStringSmall2(EnvZipInfo2))) != PK_OK)
86	- perror(LoadFarString(NoMemEnvArguments));
87	+ perror((char*)(NoMemEnvArguments));
88	#endif
89	} else
90	#endif /* !NO_ZIPINFO */
91	@@ -1088,7 +1088,7 @@ int unzip(__G__ argc, argv)
92	#ifndef _WIN32_WCE /* Win CE does not support environment variables */
93	if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvUnZip),
94	LoadFarStringSmall2(EnvUnZip2))) != PK_OK)
95	- perror(LoadFarString(NoMemEnvArguments));
96	+ perror((char*)(NoMemEnvArguments));
97	#endif
98	}
99		69
		70	if (memcmp(G.sig, end_central_sig, 4)) { /* just to make sure again */
		71	- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
		72	+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
		73	error_in_archive = PK_WARN;
		74	}
		75	if (*nmember == 0L && error_in_archive <= PK_WARN)
100	diff --git a/zipinfo.c b/zipinfo.c	76	diff --git a/zipinfo.c b/zipinfo.c
101	index 0ac75b3..8a0887c 100644	77	index 0ac75b3..1e7fa82 100644
102	--- a/zipinfo.c	78	--- a/zipinfo.c
103	+++ b/zipinfo.c	79	+++ b/zipinfo.c
104	@@ -1640,14 +1640,14 @@ static int zi_long(__G__ pEndprev, error_in_archive)	80	@@ -833,7 +833,7 @@ int zipinfo(__G) /* return PK-type error code */
		81	Info(slide, 0x401,
		82	((char *)slide, LoadFarString(CentSigMsg), j));
		83	Info(slide, 0x401,
		84	- ((char *)slide, LoadFarString(ReportMsg)));
		85	+ ((char *)slide, "%s", LoadFarString(ReportMsg)));
		86	error_in_archive = PK_BADERR; /* sig not found */
		87	break;
		88	}
		89	@@ -1022,7 +1022,7 @@ int zipinfo(__G) /* return PK-type error code */
		90	&& (!G.ecrec.is_zip64_archive)
		91	&& (memcmp(G.sig, end_central_sig, 4) != 0)
		92	) { /* just to make sure again */
		93	- Info(slide, 0x401, ((char *)slide, LoadFarString(EndSigMsg)));
		94	+ Info(slide, 0x401, ((char *)slide, "%s", LoadFarString(EndSigMsg)));
		95	error_in_archive = PK_WARN; /* didn't find sig */
		96	}
105		97
106	*types = '\0';
107	if (*ef_ptr & 1) {
108	- strcpy(types, LoadFarString(UTmodification));
109	+ strcpy(types, (char*)(UTmodification));
110	++num;
111	}
112	if (*ef_ptr & 2) {
113	len = strlen(types);
114	if (num)
115	types[len++] = '/';
116	- strcpy(types+len, LoadFarString(UTaccess));
117	+ strcpy(types+len, (char*)(UTaccess));
118	++num;
119	if (*pEndprev > 0L)
120	*pEndprev += 4L;
121	@@ -1656,7 +1656,7 @@ static int zi_long(__G__ pEndprev, error_in_archive)
122	len = strlen(types);
123	if (num)
124	types[len++] = '/';
125	- strcpy(types+len, LoadFarString(UTcreation));
126	+ strcpy(types+len, (char *)(UTcreation));
127	++num;
128	if (*pEndprev > 0L)
129	*pEndprev += 4L;
130	@@ -2331,7 +2331,7 @@ static char *zi_time(__G__ datetimez, modtimez, d_t_str)
131	/* time conversion error in verbose listing format,
132	* return string with '?' instead of data
133	*/
134	- return (strcpy(d_t_str, LoadFarString(lngYMDHMSTimeError)));
135	+ return (strcpy(d_t_str, (char*)(lngYMDHMSTimeError)));
136	} else
137	t = (struct tm *)NULL;
138	if (t != (struct tm *)NULL) {
139