Blame - import-layers/yocto-poky/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch - openbmc/openbmc

blob: a8f293674b98040e505aad952c7b56c918f7644a [file] [log] [blame]

Patrick Williams	f1e5d69	2016-03-30 15:21:19 -0500	[diff] [blame]	1	Upstream-Status: Backport
Patrick Williams	d8c66bc	2016-06-20 12:57:21 -0500	[diff] [blame]	2	CVE: CVE-2015-7697
Patrick Williams	f1e5d69	2016-03-30 15:21:19 -0500	[diff] [blame]	3	Signed-off-by: Tudor Florea <tudor.flore@enea.com>
				4
				5	From bd8a743ee0a77e65ad07ef4196c4cd366add3f26 Mon Sep 17 00:00:00 2001
				6	From: Kamil Dudka <kdudka@redhat.com>
				7	Date: Mon, 14 Sep 2015 18:24:56 +0200
				8	Subject: [PATCH 2/2] fix infinite loop when extracting empty bzip2 data
				9
				10	---
				11	extract.c \| 6 ++++++
				12	1 file changed, 6 insertions(+)
				13
				14	diff --git a/extract.c b/extract.c
				15	index 7134bfe..29db027 100644
				16	--- a/extract.c
				17	+++ b/extract.c
				18	@@ -2733,6 +2733,12 @@ __GDEF
				19	int repeated_buf_err;
				20	bz_stream bstrm;
				21
				22	+ if (G.incnt <= 0 && G.csize <= 0L) {
				23	+ /* avoid an infinite loop */
				24	+ Trace((stderr, "UZbunzip2() got empty input\n"));
				25	+ return 2;
				26	+ }
				27	+
				28	#if (defined(DLL) && !defined(NO_SLIDE_REDIR))
				29	if (G.redirect_slide)
				30	wsize = G.redirect_size, redirSlide = G.redirect_buffer;
				31	--
				32	2.4.6