unzip: fix symlink problem

Large zip files can cause unzip to crash, take a patch from Fedora to fix it. (From OE-Core rev: a001833b7c7a0a6eef88e053fe65e2a0c91ca7bc) (From OE-Core rev: 61235238157b747d47728f6c3d9ad8241dde0102) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-02 18:32:15 +02:00 · 2018-07-25 21:55:17 +01:00
parent dc09a230d7
commit c6b1f453b9
2 changed files with 27 additions and 0 deletions
--- a/meta/recipes-extended/unzip/unzip/symlink.patch
+++ b/meta/recipes-extended/unzip/unzip/symlink.patch
@@ -0,0 +1,26 @@
+Unzip doesn't handle large zip files well and crashes:
+
+"This only happens if you have more then 16k entries and when one of
+the 16k entry infos is reused it happend to be previously used for
+a symlink entry."
+
+This patch is taken from Fedora (https://bugzilla.redhat.com/show_bug.cgi?id=972427)
+
+Upstream-Status: Pending (upstream is dead)
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+--- unzip60/process.c.sav	2013-06-09 12:08:57.070392264 +0200
+++ unzip60/process.c	2013-06-09 12:10:08.641696988 +0200
+@@ -1751,6 +1751,12 @@
+         = (G.crec.general_purpose_bit_flag & (1 << 11)) == (1 << 11);
+ #endif
+ 
+#ifdef SYMLINKS
+    /* Initialize the symlink flag, may be set by the platform-specific
+       mapattr function.  */
+    G.pInfo->symlink = 0;
+#endif 
+
+     return PK_COOL;
+ 
+ } /* end function process_cdir_file_hdr() */
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -19,6 +19,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
 	file://fix-security-format.patch \
 	file://18-cve-2014-9913-unzip-buffer-overflow.patch \
 	file://19-cve-2016-9844-zipinfo-buffer-overflow.patch \
+	file://symlink.patch \
 "
 UPSTREAM_VERSION_UNKNOWN = "1"