Merge #260710: zip: fix buffer overflow on Unicode path names
...into staging
This commit is contained in:
commit
986458ffbc
@ -0,0 +1,12 @@
|
||||
diff -urp zip30/fileio.c zip30/fileio.c
|
||||
--- zip30/fileio.c 2008-05-29 03:13:24.000000000 +0300
|
||||
+++ zip30/fileio.c 2023-05-02 12:19:50.488314853 +0300
|
||||
@@ -3502,7 +3502,7 @@ zwchar *local_to_wide_string(local_strin
|
||||
if ((wc_string = (wchar_t *)malloc((wsize + 1) * sizeof(wchar_t))) == NULL) {
|
||||
ZIPERR(ZE_MEM, "local_to_wide_string");
|
||||
}
|
||||
- wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1);
|
||||
+ wsize = mbstowcs(wc_string, local_string, wsize + 1);
|
||||
wc_string[wsize] = (wchar_t) 0;
|
||||
|
||||
/* in case wchar_t is not zwchar */
|
@ -33,6 +33,9 @@ stdenv.mkDerivation rec {
|
||||
./fix-memset-detection.patch
|
||||
# Implicit declaration of `closedir` and `opendir` cause dirent detection to fail with clang 16.
|
||||
./fix-implicit-declarations.patch
|
||||
# Buffer overflow on Unicode characters in path names
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2165653
|
||||
./buffer-overflow-on-utf8-rh-bug-2165653.patch
|
||||
] ++ lib.optionals (enableNLS && !stdenv.isCygwin) [ ./natspec-gentoo.patch.bz2 ];
|
||||
|
||||
buildInputs = lib.optional enableNLS libnatspec
|
||||
|
Loading…
Reference in New Issue
Block a user