Diffstat (limited to 'meta/recipes-extended/unzip/unzip')
11 files changed, 622 insertions, 4 deletions
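--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/0001-configure-Add-correct-system-headers-and-prototypes-.patch
@@ -0,0 +1,112 @@
+From 5ac5885d35257888d0e4a9dda903405314f9fc84 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 10 Aug 2022 17:53:13 -0700
+Subject: [PATCH] configure: Add correct system headers and prototypes to tests
+
+Newer compilers e.g. clang-15+ have turned stricter towards these
+warnings and turned them into errors which results in subtle failures
+during build, therefore make the testcases use the needed headers and
+modern C
+
+Upstream-Status: Inactive-Upstream
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+unix/configure | 51 +++++++++++++++++++++++++++++++++++++++-----------
+1 file changed, 40 insertions(+), 11 deletions(-)
+
+diff --git a/unix/configure b/unix/configure
+index 49579f3..8fd82dd 100755
+--- a/unix/configure
++++ b/unix/configure
+@@ -379,14 +379,37 @@ $CC $CFLAGS -c conftest.c >/dev/null 2>/dev/null
+
+# Check for missing functions
+# add NO_'function_name' to flags if missing
+-for func in fchmod fchown lchown nl_langinfo
+-do
+- echo Check for $func
+- echo "int main(){ $func(); return 0; }" > conftest.c
+- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+- [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_`echo $func | tr '[a-z]' '[A-Z]'`"
+-done
++echo Check for fchmod
++cat > conftest.c << _EOF_
++#include <sys/stat.h>
++int main(){ fchmod(0,0); return 0; }
++_EOF_
++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_FCHMOD"
+
++echo Check for fchown
++cat > conftest.c << _EOF_
++#include <unistd.h>
++int main(){ fchown(0,0,0); return 0; }
++_EOF_
++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_FCHOWN"
++
++echo Check for lchown
++cat > conftest.c << _EOF_
++#include <unistd.h>
++int main(){ lchown(NULL,0,0); return 0; }
++_EOF_
++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHOWN"
++
++echo Check for nl_langinfo
++cat > conftest.c << _EOF_
++#include <langinfo.h>
++int main(){ nl_langinfo(0); return 0; }
++_EOF_
++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_NL_LANGINFO"
+# Check (seriously) for a working lchmod.
+echo 'Check for lchmod'
+temp_file="/tmp/unzip_test_$$"
+@@ -401,14 +424,17 @@ ln -s "${temp_link}" "${temp_file}" && \
+rm -f "${temp_file}"
+
+echo Check for memset
+-echo "int main(){ char k; memset(&k,0,0); return 0; }" > conftest.c
++cat > conftest.c << _EOF_
++#include <string.h>
++int main(){ char k; memset(&k,0,0); return 0; }
++_EOF_
+$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DZMEM"
+
+echo Check for errno declaration
+cat > conftest.c << _EOF_
+#include <errno.h>
+-main()
++int main()
+{
+errno = 0;
+return 0;
+@@ -419,6 +445,8 @@ $CC $CFLAGS -c conftest.c >/dev/null 2>/dev/null
+
+echo Check for directory libraries
+cat > conftest.c << _EOF_
++#include <sys/types.h>
++#include <dirent.h>
+int main() { return closedir(opendir(".")); }
+_EOF_
+
+@@ -523,10 +551,11 @@ fi
+# needed for AIX (and others ?) when mmap is used
+echo Check for valloc
+cat > conftest.c << _EOF_
+-main()
++#include <stdlib.h>
++int main()
+{
+#ifdef MMAP
+- valloc();
++ valloc(0);
+#endif
+}
+_EOF_
+--
+2.37.1
+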
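Review bot: Each unrolled probe (fchmod, fchown, lchown, nl_langinfo) still discards all compiler output with `>/dev/null 2>/dev/null`, so a probe that fails for any reason other than the function being absent silently adds the matching `-DNO_*` define — the same silent misdetection this patch fixes for implicit declarations. Keeping the diagnostics, for example `$CC $BFLAG $LDFLAGS -o conftest conftest.c >>conftest.log 2>&1` (log name constructed here), would make a wrong `-DNO_FCHMOD` or `-DNO_LCHOWN` traceable in the build log. The four blocks also repeat the same compile-and-append lines; a comment above them such as `# one probe per function: each needs its own header and argument list` would explain why the loop was unrolled.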
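--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch
@@ -0,0 +1,137 @@
+From da29ba6a27d8e78562052c79061476848915eb2a Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Wed, 9 Mar 2022 12:13:28 -0800
+Subject: [PATCH] configure: Pass LDFLAGS to tests doing link step
+
+Ensures that right flags from recipes are honored, otherwise tests fail
+which otherwise should not.
+
+Upstream-Status: Inactive-Upstream
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+unix/configure | 28 ++++++++++++++--------------
+1 file changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/unix/configure b/unix/configure
+index d4b0a8e..49579f3 100755
+--- a/unix/configure
++++ b/unix/configure
+@@ -116,7 +116,7 @@ _EOF_
+# Special Mac OS X shared library "ld" option?
+if test ` uname -s 2> /dev/null ` = 'Darwin'; then
+lf='-Wl,-search_paths_first'
+- $CC $CFLAGS $lf conftest.c > /dev/null 2>/dev/null
++ $CC $CFLAGS $LDFLAGS $lf conftest.c > /dev/null 2>/dev/null
+if test $? -eq 0; then
+BZLF=${lf}
+fi
+@@ -276,7 +276,7 @@ int main()
+}
+_EOF_
+# compile it
+-$CC -o conftest conftest.c >/dev/null 2>/dev/null
++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+echo -- no Large File Support
+else
+@@ -322,7 +322,7 @@ int main()
+}
+_EOF_
+# compile it
+-$CC -o conftest conftest.c >/dev/null 2>/dev/null
++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+echo "-- no Unicode (wchar_t) support"
+else
+@@ -383,7 +383,7 @@ for func in fchmod fchown lchown nl_langinfo
+do
+echo Check for $func
+echo "int main(){ $func(); return 0; }" > conftest.c
+- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null
++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_`echo $func | tr '[a-z]' '[A-Z]'`"
+done
+
+@@ -395,14 +395,14 @@ temp_link="link_$$"
+echo "int main() { lchmod(\"${temp_file}\", 0666); }" \
+) > conftest.c
+ln -s "${temp_link}" "${temp_file}" && \
+- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null && \
++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \
+./conftest
+[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD"
+rm -f "${temp_file}"
+
+echo Check for memset
+echo "int main(){ char k; memset(&k,0,0); return 0; }" > conftest.c
+-$CC -o conftest conftest.c >/dev/null 2>/dev/null
++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DZMEM"
+
+echo Check for errno declaration
+@@ -422,12 +422,12 @@ cat > conftest.c << _EOF_
+int main() { return closedir(opendir(".")); }
+_EOF_
+
+-$CC -o conftest conftest.c >/dev/null 2>/dev/null
++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+OPT=""
+for lib in ndir dir ucb bsd BSD PW x dirent
+do
+- $CC -o conftest conftest.c -l$lib >/dev/null 2>/dev/null
++ $CC $CLFAGS $LDFLAGS -o conftest conftest.c -l$lib >/dev/null 2>/dev/null
+[ $? -eq 0 ] && OPT=-l$lib && break
+done
+if [ ${OPT} ]; then
+@@ -440,9 +440,9 @@ fi
+# Dynix/ptx 1.3 needed this
+echo Check for readlink
+echo "int main(){ return readlink(); }" > conftest.c
+-$CC -o conftest conftest.c >/dev/null 2>/dev/null
++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+- $CC -o conftest conftest.c -lseq >/dev/null 2>/dev/null
++ $CC $CFLAGS $LDFLAGS -o conftest conftest.c -lseq >/dev/null 2>/dev/null
+[ $? -eq 0 ] && LFLAGS2="${LFLAGS2} -lseq"
+fi
+
+@@ -501,7 +501,7 @@ int main()
+}
+_EOF_
+# compile it
+-$CC ${CFLAGS} ${CFLAGSR} -o conftest conftest.c >/dev/null 2>/dev/null
++$CC ${CFLAGS} ${CFLAGSR} $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+echo "-- no MBCS support"
+CFLAGSR="${CFLAGSR} -DNO_MBCS"
+@@ -515,7 +515,7 @@ else
+do
+echo Check for MBCS $func
+echo "int main() { $func(); return 0; }" > conftest.c
+- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null
++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+[ $? -eq 0 ] && CFLAGSR="${CFLAGSR} -D`echo $func | tr '[a-z]' '[A-Z]'`=$func"
+done
+fi
+@@ -557,7 +557,7 @@ elif [ -f /xenix ]; then
+elif uname -X >/dev/null 2>/dev/null; then
+# SCO shared library check
+echo "int main() { return 0;}" > conftest.c
+- $CC -o conftest conftest.c -lc_s -nointl >/dev/null 2> /dev/null
++ $CC $CFLAGS $LDFLAGS -o conftest conftest.c -lc_s -nointl >/dev/null 2> /dev/null
+[ $? -eq 0 ] && LFLAGS2="-lc_s -nointl"
+else
+SYSTEM=`uname -s 2>/dev/null` || SYSTEM="unknown"
+@@ -565,7 +565,7 @@ else
+case $SYSTEM in
+OSF1|ULTRIX)
+echo Check for -Olimit option
+- $CC ${CFLAGS} -Olimit 1000 -o conftest conftest.c >/dev/null 2>/dev/null
++ $CC ${CFLAGS} ${LDFLAGS} -Olimit 1000 -o conftest conftest.c >/dev/null 2>/dev/null
+[ $? -eq 0 ] && CFLAGSR="${CFLAGSR} -Olimit 1000"
+;;
+### HP-UX)
+--
+2.35.1
+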
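Review bot: The directory-library loop (patch line 83) passes `$CLFAGS`, a misspelling of `$CFLAGS` that expands to an empty string, so the `-l$lib` probes run without the recipe's compiler flags while every other link test touched here receives them. The line should read `$CC $CFLAGS $LDFLAGS -o conftest conftest.c -l$lib >/dev/null 2>/dev/null`. Because the probe's output goes to /dev/null, the typo produces no diagnostic; on a toolchain that needs those flags to compile at all, the loop would quietly fail to find a library.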
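--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch
@@ -0,0 +1,103 @@
+From 5cbf901b5c3b6a7d1d0ed91b6df4194bb6d25a40 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Thu, 15 Jun 2023 07:14:17 -0700
+Subject: [PATCH] unix/configure: fix detection for cross compilation
+
+We're doing cross compilation, running a cross-compiled problem
+on host to detemine feature is not correct. So we change runtime
+check into compile-time check to detect the features.
+
+Upstream-Status: Inactive-Upstream
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+unix/configure | 44 +++++++++++++++-----------------------------
+1 file changed, 15 insertions(+), 29 deletions(-)
+
+diff --git a/unix/configure b/unix/configure
+index 8fd82dd..68dee98 100755
+--- a/unix/configure
++++ b/unix/configure
+@@ -259,6 +259,10 @@ cat > conftest.c << _EOF_
+#include <sys/stat.h>
+#include <unistd.h>
+#include <stdio.h>
++
++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed");
++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed");
++
+int main()
+{
+off_t offset;
+@@ -278,21 +282,10 @@ _EOF_
+# compile it
+$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null
+if [ $? -ne 0 ]; then
+- echo -- no Large File Support
++ echo -- yes we have Large File Support!
++ CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT"
+else
+-# run it
+- ./conftest
+- r=$?
+- if [ $r -eq 1 ]; then
+- echo -- no Large File Support - no 64-bit off_t
+- elif [ $r -eq 2 ]; then
+- echo -- no Large File Support - no 64-bit stat
+- elif [ $r -eq 3 ]; then
+- echo -- yes we have Large File Support!
+- CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT"
+- else
+- echo -- no Large File Support - conftest returned $r
+- fi
++ echo -- no Large File Support
+fi
+
+# Added 11/24/2005 EG
+@@ -302,6 +295,11 @@ cat > conftest.c << _EOF_
+#include <stdlib.h>
+#include <stdio.h>
+#include <wchar.h>
++
++#ifndef __STDC_ISO_10646__
++#error "__STDC_ISO_10646__ not defined
++#endif
++
+int main()
+{
+size_t wsize;
+@@ -327,19 +325,8 @@ if [ $? -ne 0 ]; then
+echo "-- no Unicode (wchar_t) support"
+else
+# have wide char support
+-# run it
+- ./conftest
+- r=$?
+- if [ $r -eq 0 ]; then
+- echo -- no Unicode wchar_t support - wchar_t allocation error
+- elif [ $r -eq 1 ]; then
+- echo -- no Unicode support - wchar_t encoding unspecified
+- elif [ $r -eq 2 ]; then
+- echo -- have wchar_t with known UCS encoding - enabling Unicode support!
+- CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR"
+- else
+- echo "-- no Unicode (wchar_t) support - conftest returned $r"
+- fi
++ echo -- have wchar_t with known UCS encoding - enabling Unicode support!
++ CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR"
+fi
+
+echo "Check for setlocale support (needed for UNICODE Native check)"
+@@ -418,8 +405,7 @@ temp_link="link_$$"
+echo "int main() { lchmod(\"${temp_file}\", 0666); }" \
+) > conftest.c
+ln -s "${temp_link}" "${temp_file}" && \
+- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \
+- ./conftest
++ $CC -Werror=implicit-function-declaration $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null
+[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD"
+rm -f "${temp_file}"
+
+--
+2.34.1
+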
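Review bot: The Large File Support probe now treats a compile failure as success: `_Static_assert(sizeof(off_t) < 8, …)` fails when off_t is 64-bit, and the `$? -ne 0` branch then adds `-DLARGE_FILE_SUPPORT`. Any unrelated failure (a missing header, a compiler mode without `_Static_assert`, a link error caused by `$LDFLAGS`) is therefore also reported as "yes we have Large File Support", and the diagnostics go to /dev/null. Asserting the positive condition and enabling the feature only when the compile succeeds keeps the probe fail-closed, as sketched below. Separately, the `#error "__STDC_ISO_10646__ not defined` line is missing its closing quote, and the lchmod probe now only shows that lchmod is declared and links, which is weaker than the old run-time check and no longer silences stderr.

```shell
# … unchanged: conftest.c includes …
_Static_assert(sizeof(off_t) >= 8, "off_t is not 64-bit");
_Static_assert(sizeof((struct stat){0}.st_size) >= 8, "st_size is not 64-bit");
# … unchanged: main() body and the $CC compile line …
if [ $? -ne 0 ]; then
  echo -- no Large File Support
else
  echo -- yes we have Large File Support!
  CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT"
fi
```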
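--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch
@@ -0,0 +1,67 @@
+From 731d698377dbd1f5b1b90efeb8094602ed59fc40 Mon Sep 17 00:00:00 2001
+From: Nils Bars <nils.bars@t-online.de>
+Date: Mon, 17 Jan 2022 16:53:16 +0000
+Subject: [PATCH] Fix null pointer dereference and use of uninitialized data
+
+This fixes a bug that causes use of uninitialized heap data if `readbuf` fails
+to read as many bytes as indicated by the extra field length attribute.
+Furthermore, this fixes a null pointer dereference if an archive contains an
+`EF_UNIPATH` extra field but does not have a filename set.
+---
+fileio.c | 5 ++++-
+process.c | 6 +++++-
+2 files changed, 9 insertions(+), 2 deletions(-)
+---
+
+Patch from:
+https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077
+https://launchpadlibrarian.net/580782282/0001-Fix-null-pointer-dereference-and-use-of-uninitialized-data.patch
+Regenerated to apply without offsets.
+
+CVE: CVE-2021-4217
+
+Upstream-Status: Inactive-Upstream [infozip upstream inactive]
+
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+
+diff --git a/fileio.c b/fileio.c
+index 14460f3..1dc319e 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -2301,8 +2301,11 @@ int do_string(__G__ length, option) /* return PK-type error code */
+seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes +
+(G.inptr-G.inbuf) + length);
+} else {
+- if (readbuf(__G__ (char *)G.extra_field, length) == 0)
++ unsigned bytes_read = readbuf(__G__ (char *)G.extra_field, length);
++ if (bytes_read == 0)
+return PK_EOF;
++ if (bytes_read != length)
++ return PK_ERR;
+/* Looks like here is where extra fields are read */
+if (getZip64Data(__G__ G.extra_field, length) != PK_COOL)
+{
+diff --git a/process.c b/process.c
+index 5f8f6c6..de843a5 100644
+--- a/process.c
++++ b/process.c
+@@ -2058,10 +2058,14 @@ int getUnicodeData(__G__ ef_buf, ef_len)
+G.unipath_checksum = makelong(offset + ef_buf);
+offset += 4;
+
++ if (!G.filename_full) {
++ /* Check if we have a unicode extra section but no filename set */
++ return PK_ERR;
++ }
++
+/*
+* Compute 32-bit crc
+*/
+-
+chksum = crc32(chksum, (uch *)(G.filename_full),
+strlen(G.filename_full));
+
+--
+2.32.0
+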
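Review bot: On the short-read path in do_string, `return PK_ERR` leaves `G.extra_field` pointing at a buffer whose tail was never written, and the hunk does not show whether every caller stops using that buffer once do_string returns an error. If G.extra_field is owned and released elsewhere (not visible here), releasing it at this point with `free(G.extra_field); G.extra_field = NULL;` before the return would make the stale bytes unreachable; otherwise a comment such as `/* short read: extra field is incomplete, callers must not parse it */` would record the contract. The same applies to the existing `return PK_EOF` just above. do_string starts and ends outside the hunk, so this needs confirming against the full function.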
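--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch
@@ -0,0 +1,39 @@
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355
+
+CVE: CVE-2022-0529
+Upstream-Status: Inactive-Upstream [need a new release]
+
+diff --git a/process.c b/process.c
+index d2a846e..99b9c7b 100644
+--- a/process.c
++++ b/process.c
+@@ -2507,13 +2507,15 @@ char *wide_to_local_string(wide_string, escape_all)
+char buf[9];
+char *buffer = NULL;
+char *local_string = NULL;
++ size_t buffer_size;
+
+for (wsize = 0; wide_string[wsize]; wsize++) ;
+
+if (max_bytes < MAX_ESCAPE_BYTES)
+max_bytes = MAX_ESCAPE_BYTES;
+
+- if ((buffer = (char *)malloc(wsize * max_bytes + 1)) == NULL) {
++ buffer_size = wsize * max_bytes + 1;
++ if ((buffer = (char *)malloc(buffer_size)) == NULL) {
+return NULL;
+}
+
+@@ -2552,7 +2554,11 @@ char *wide_to_local_string(wide_string, escape_all)
+/* no MB for this wide */
+/* use escape for wide character */
+char *escape_string = wide_to_escape_string(wide_string[i]);
+- strcat(buffer, escape_string);
++ size_t buffer_len = strlen(buffer);
++ size_t escape_string_len = strlen(escape_string);
++ if (buffer_len + escape_string_len + 1 > buffer_size)
++ escape_string_len = buffer_size - buffer_len - 1;
++ strncat(buffer, escape_string, escape_string_len);
+free(escape_string);
+}
+}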
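Review bot: In the escape branch, `escape_string` is passed to `strlen` and then `strncat` without a NULL check; if wide_to_escape_string can return NULL on allocation failure (its body is not in this hunk), the new code dereferences NULL while converting a name taken from the archive. A guard such as `if (escape_string == NULL) { free(buffer); return NULL; }` before the length computation would cover that. The clamp also truncates the escape sequence silently, so the returned name can end in a partial escape; a comment stating that truncation is the intended outcome would help the next reader. The operands of `buffer_size = wsize * max_bytes + 1` are declared outside the hunk, so whether that product can overflow is worth confirming against their types.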
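--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch
@@ -0,0 +1,33 @@
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355
+
+CVE: CVE-2022-0530
+Upstream-Status: Inactive-Upstream [need a new release]
+
+diff --git a/fileio.c b/fileio.c
+index 6290824..77e4b5f 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */
+/* convert UTF-8 to local character set */
+fn = utf8_to_local_string(G.unipath_filename,
+G.unicode_escape_all);
++ if (fn == NULL)
++ return PK_ERR;
++
+/* make sure filename is short enough */
+if (strlen(fn) >= FILNAMSIZ) {
+fn[FILNAMSIZ - 1] = '\0';
+diff --git a/process.c b/process.c
+index d2a846e..715bc0f 100644
+--- a/process.c
++++ b/process.c
+@@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all)
+int escape_all;
+{
+zwchar *wide = utf8_to_wide_string(utf8_string);
++ if (wide == NULL)
++ return NULL;
+char *loc = wide_to_local_string(wide, escape_all);
+free(wide);
+return loc;
+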
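Review bot: In utf8_to_local_string the new `if (wide == NULL) return NULL;` sits between two declarations, so `char *loc` is now declared after a statement; the function uses a K&R-style parameter list, which suggests the code may still be built in a pre-C99 mode where that is rejected. Declaring `char *loc;` next to `wide` and assigning it after the check (`loc = wide_to_local_string(wide, escape_all);`) avoids the dependency on C99. Only the do_string call site gains a NULL guard in this patch; any other caller of utf8_to_local_string outside these hunks needs the same check.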
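--- a/meta/recipes-extended/unzip/unzip/avoid-strip.patch
+++ b/meta/recipes-extended/unzip/unzip/avoid-strip.patch
@@ -1,4 +1,4 @@
-Upstream-Status: Pending
+Upstream-Status: Inactive-Upstream [need a new release]
 
 unix/Makefile: remove hard coded strip commands
 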
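--- a/meta/recipes-extended/unzip/unzip/define-ldflags.patch
+++ b/meta/recipes-extended/unzip/unzip/define-ldflags.patch
@@ -1,6 +1,6 @@
 Pass LDFLAGS to the linker
 
-Upstream-Status: Pending
+Upstream-Status: Inactive-Upstream [need a new release]
 
 Signed-off-by: Mikhail Durnev <Mikhail_Durnev@mentor.com>
 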
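--- a/meta/recipes-extended/unzip/unzip/fix-security-format.patch
+++ b/meta/recipes-extended/unzip/unzip/fix-security-format.patch
@@ -5,7 +5,7 @@ Fix security formatting issues related to sprintf parameters expeted.
 [YOCTO #9551]
 [https://bugzilla.yoctoproject.org/show_bug.cgi?id=9551]
 
-Upstream-Status: Pending
+Upstream-Status: Inactive-Upstream [need a new release]
 
 Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
 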
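--- a/meta/recipes-extended/unzip/unzip/symlink.patch
+++ b/meta/recipes-extended/unzip/unzip/symlink.patch
@@ -6,7 +6,7 @@ a symlink entry."
 
 This patch is taken from Fedora (https://bugzilla.redhat.com/show_bug.cgi?id=972427)
 
-Upstream-Status: Pending (upstream is dead)
+Upstream-Status: Inactive-Upstream [need a new release]
 Signed-off-by: Ross Burton <ross.burton@intel.com>
 
 --- unzip60/process.c.sav 2013-06-09 12:08:57.070392264 +0200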
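--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/unzip_optimization.patch
@@ -0,0 +1,127 @@
+unzip: use optimization from bitbake
+
+Remove -O3 optimizations to use bitbake default optimization levels.
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
+
+diff -rup unix-orig/configure unix/configure
+--- a/unix-orig/configure 2021-04-16 10:25:03.120858292 +0000
++++ b/unix/configure 2021-04-16 10:46:43.292546138 +0000
+@@ -70,7 +70,7 @@ int main()
+_EOF_
+$CC $CFLAGS -c conftest.c > /dev/null 2>/dev/null
+if test $? -eq 0; then
+- CFLAGS_OPT='-O3'
++ CFLAGS_OPT=''
+echo " DEC C ($CFLAGS_OPT)"
+else
+# HP-UX HP C?
+@@ -111,7 +111,7 @@ int main()
+_EOF_
+$CC $CFLAGS -c conftest.c > /dev/null 2>/dev/null
+if test $? -eq 0; then
+- CFLAGS_OPT='-O3'
++ CFLAGS_OPT=''
+echo " GNU C ($CFLAGS_OPT)"
+# Special Mac OS X shared library "ld" option?
+if test ` uname -s 2> /dev/null ` = 'Darwin'; then
+diff -rup unix-orig/Makefile unix/Makefile
+--- a/unix-orig/Makefile 2021-04-16 10:25:03.000863878 +0000
++++ b/unix/Makefile 2021-04-16 10:47:31.658299278 +0000
+@@ -47,7 +47,7 @@ LD = $(CC)# must match, else "unresolved
+AS = as
+LOC = $(D_USE_BZ2) $(LOCAL_UNZIP)
+AF = $(LOC)
+-CFLAGS = -O
++CFLAGS =
+CF_NOOPT = -I. -I$(IZ_BZIP2) -DUNIX $(LOC)
+CF = $(CFLAGS) $(CF_NOOPT)
+LFLAGS1 =
+@@ -594,12 +594,12 @@ generic_shlib: unix_make
+@echo\
+'which is UnZip linked with the DLL). This target is an example only.'
+@echo ""
+- $(MAKE) objsdll CC=gcc CFLAGS="-O3 -Wall -fPIC -DDLL"
++ $(MAKE) objsdll CC=gcc CFLAGS="-Wall -fPIC -DDLL"
+gcc -shared -Wl,-soname,libunzip.so.0 -o libunzip.so.0.4 $(OBJSDLL)
+$(RM) libunzip.so.0 libunzip.so
+$(LN) -s libunzip.so.0.4 libunzip.so.0
+$(LN) -s libunzip.so.0 libunzip.so
+- gcc -c -O unzipstb.c
++ gcc -c unzipstb.c
+gcc -o unzip_shlib unzipstb.o -L. -lunzip
+
+#----------------------------------------------------------------------------
+@@ -775,7 +775,7 @@ freebsd: unix_make
+# with "echo" instead).
+#
+gcc: unix_make
+- $(MAKE) unzips CC=gcc LD=gcc CFLAGS="-O3" LF2=""
++ $(MAKE) unzips CC=gcc LD=gcc CFLAGS="" LF2=""
+
+# Heurikon HK68 (68010), UniPlus+ System V 5.0, Green Hills C-68000
+hk68: unix_make
+@@ -792,7 +792,7 @@ isc: unix_make
+isc_gcc: unix_make
+$(MAKE) unzips AS=gcc CC=gcc LD=gcc CRCA_O=crc_gcc$O \
+LF="-shlib $(LF)" SL="-shlib $(SL)" FL="-shlib $(FL)" LF2="" \
+- CFLAGS="-O3" LOC="-DSYSV -DASM_CRC -DNO_UID_GID -DNEED_PTEM -DNO_LCHOWN -DNO_LCHMOD $(LOC)" \
++ CFLAGS="" LOC="-DSYSV -DASM_CRC -DNO_UID_GID -DNEED_PTEM -DNO_LCHOWN -DNO_LCHMOD $(LOC)" \
+AF="-DNO_UNDERLINE -Djecxz=jcxz -DALIGNMENT='.align 16' $(AF)"
+$(STRIP) $(UNZIPS)
+
+@@ -808,7 +808,7 @@ isi: unix_make
+linux: unix_make
+@echo 'NOTE: use linux_noasm target for non-Intel Linux compiles.'
+$(MAKE) unzips CC=gcc LD=gcc AS=gcc\
+- CFLAGS="-O3 -Wall -DASM_CRC"\
++ CFLAGS="-Wall -DASM_CRC"\
+AF="-Di386 $(AF)" CRCA_O=crc_gcc$O
+# GRR: this echo is pointless; if user gets this far, no difference to install
+# @echo 'Be sure to use the install_asm target rather than the install target'
+@@ -818,14 +818,14 @@ linux_asm: linux
+# Linux (Posix, approximately SysV): virtually any version since before 0.96,
+# for any platform. Change "-O" to "-O3" or whatever, as desired...
+linux_noasm: unix_make
+- $(MAKE) unzips CC=gcc LD=gcc CFLAGS="-O -Wall"
++ $(MAKE) unzips CC=gcc LD=gcc CFLAGS="-Wall"
+
+# Linux with lcc compiler: __inline__ (stat.h) not recognized, and must edit
+# /usr/include/gnu/types.h to get rid of "long long" if __LCC__ defined. -O3
+# (or -O2 or -O) is ignored. [GRR 960828: test target only]
+#
+linux_lcc: unix_make
+- $(MAKE) unzips CC=lcc LD=lcc CFLAGS="-O3 -Wall -D__inline__= "
++ $(MAKE) unzips CC=lcc LD=lcc CFLAGS="-Wall -D__inline__= "
+
+# Linux host with go32 (djgpp) cross-compiler (go32crs.tgz) for 32-bit DOS.
+linux_dos: unix_make
+@@ -844,7 +844,7 @@ linux_dos: unix_make
+# library).
+#
+linux_shlib: unix_make
+- $(MAKE) objsdll CC=gcc CFLAGS="-O3 -Wall -fPIC"\
++ $(MAKE) objsdll CC=gcc CFLAGS="-Wall -fPIC"\
+LOC="-DDLL -DASM_CRC $(LOC)"\
+AS=gcc AF="-fPIC -Di386 $(AF)" CRCA_O=crc_gcc$O
+gcc -shared -Wl,-soname,libunzip.so.0 -o libunzip.so.0.4 $(OBJSDLL)\
+@@ -858,7 +858,7 @@ linux_shlib: unix_make
+# instead of the original UnZip version. (libz was libgz prior to 0.94)
+linux_shlibz: unix_make
+$(MAKE) objsdll CC=gcc AS=gcc AF="-fPIC -Di386 $(AF)" CRCA_O=crc_gcc$O\
+- CFLAGS="-O3 -Wall -fPIC" LOC="-DDLL -DUSE_ZLIB -DASM_CRC $(LOC)"
++ CFLAGS="-Wall -fPIC" LOC="-DDLL -DUSE_ZLIB -DASM_CRC $(LOC)"
+gcc -shared -Wl,-soname,libunzip.so.0 -o libunzip.so.0.4 $(OBJSDLL)\
+crc_gcc.pic.o
+ln -sf libunzip.so.0.4 libunzip.so.0
+@@ -871,7 +871,7 @@ lynx: unix_make
+
+# Macintosh MacOS X (Unix-compatible enviroment), using standard compiler
+macosx: unix_make
+- $(MAKE) unzips CFLAGS="-O3 -Wall -DBSD" LF2=""
++ $(MAKE) unzips CFLAGS="-Wall -DBSD" LF2=""
+$(STRIP) $(UNZIPS)
+
+# Macintosh MacOS X (Unix-compatible enviroment), using gcc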