|
| 1 | +From 24bfe051b63f7347d06d852a277ceb657be5d1d4 Mon Sep 17 00:00:00 2001 |
| 2 | +From: archana25-ms <v-shettigara@microsoft.com> |
| 3 | +Date: Tue, 25 Mar 2025 18:05:10 +0000 |
| 4 | +Subject: [PATCH] Address CVE-2021-4217 |
| 5 | +Upstream Patch Reference: https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077 |
| 6 | + |
| 7 | +--- |
| 8 | + fileio.c | 5 ++++- |
| 9 | + process.c | 6 +++++- |
| 10 | + 2 files changed, 9 insertions(+), 2 deletions(-) |
| 11 | + |
| 12 | +diff --git a/fileio.c b/fileio.c |
| 13 | +index 285f7fe..1de95f2 100644 |
| 14 | +--- a/fileio.c |
| 15 | ++++ b/fileio.c |
| 16 | +@@ -2303,8 +2303,11 @@ int do_string(__G__ length, option) /* return PK-type error code */ |
| 17 | + seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes + |
| 18 | + (G.inptr-G.inbuf) + length); |
| 19 | + } else { |
| 20 | +- if (readbuf(__G__ (char *)G.extra_field, length) == 0) |
| 21 | ++ unsigned bytes_read = readbuf(__G__ (char *)G.extra_field, length); |
| 22 | ++ if (bytes_read == 0) |
| 23 | + return PK_EOF; |
| 24 | ++ if (bytes_read != length) |
| 25 | ++ return PK_ERR; |
| 26 | + /* Looks like here is where extra fields are read */ |
| 27 | + if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) |
| 28 | + { |
| 29 | +diff --git a/process.c b/process.c |
| 30 | +index 09d54f7..196b912 100644 |
| 31 | +--- a/process.c |
| 32 | ++++ b/process.c |
| 33 | +@@ -2055,10 +2055,14 @@ int getUnicodeData(__G__ ef_buf, ef_len) |
| 34 | + G.unipath_checksum = makelong(offset + ef_buf); |
| 35 | + offset += 4; |
| 36 | + |
| 37 | ++ if (!G.filename_full) { |
| 38 | ++ /* Check if we have a unicode extra section but no filename set */ |
| 39 | ++ return PK_ERR; |
| 40 | ++ } |
| 41 | ++ |
| 42 | + /* |
| 43 | + * Compute 32-bit crc |
| 44 | + */ |
| 45 | +- |
| 46 | + chksum = crc32(chksum, (uch *)(G.filename_full), |
| 47 | + strlen(G.filename_full)); |
| 48 | + |
| 49 | +-- |
| 50 | +2.45.3 |
| 51 | + |
0 commit comments