1 files changed, 7 insertions, 5 deletions
diff --git a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch
index c989df1896..ca4aaadffe 100644
--- a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch
+++ b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch
@@ -9,9 +9,11 @@ CVE: CVE-2014-8140
 Signed-off-by: Roy Li <rongqing.li@windriver.com>
--- a/extract.c
+Index: unzip60/extract.c
-+++ b/extract.c
+===================================================================
-@@ -2232,10 +2232,17 @@
+--- unzip60.orig/extract.c
+++ unzip60/extract.c
+@@ -2233,10 +2233,17 @@ static int test_compr_eb(__G__ eb, eb_si
     if (compr_offset < 4)                /* field is not compressed: */
         return PK_OK;                    /* do nothing and signal OK */
 
@@ -30,5 +32,5 @@ Signed-off-by: Roy Li <rongqing.li@windriver.com>
 +     ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
 +        return IZ_EF_TRUNC;             /* no/bad compressed data! */
 
-     if (
+     method = makeword(eb + (EB_HEADSIZE + compr_offset));
- #ifdef INT_16BIT
+     if ((method == STORED) &&

diff --git a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch index c989df1896..ca4aaadffe 100644 --- a/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch +++ b/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch
@@ -9,9 +9,11 @@ CVE: CVE-2014-8140
9		9
10	Signed-off-by: Roy Li <rongqing.li@windriver.com>	10	Signed-off-by: Roy Li <rongqing.li@windriver.com>
11		11
12	--- a/extract.c	12	Index: unzip60/extract.c
13	+++ b/extract.c	13	===================================================================
14	@@ -2232,10 +2232,17 @@	14	--- unzip60.orig/extract.c
		15	+++ unzip60/extract.c
		16	@@ -2233,10 +2233,17 @@ static int test_compr_eb(__G__ eb, eb_si
15	if (compr_offset < 4) /* field is not compressed: */	17	if (compr_offset < 4) /* field is not compressed: */
16	return PK_OK; /* do nothing and signal OK */	18	return PK_OK; /* do nothing and signal OK */
17		19
@@ -30,5 +32,5 @@ Signed-off-by: Roy Li <rongqing.li@windriver.com>
30	+ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))	32	+ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN))))
31	+ return IZ_EF_TRUNC; /* no/bad compressed data! */	33	+ return IZ_EF_TRUNC; /* no/bad compressed data! */
32		34
33	if (	35	method = makeword(eb + (EB_HEADSIZE + compr_offset));
34	#ifdef INT_16BIT	36	if ((method == STORED) &&