Package: unzip / 6.0-26

22-cve-2019-13232-fix-bug-in-undefer-input.patch
From: Mark Adler <madler@alumni.caltech.edu>
Subject: Fix bug in undefer_input() that misplaced the input state.
Origin: https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213
Bug-Debian: https://bugs.debian.org/931433
X-Debian-version: 6.0-24

    Fix bug in undefer_input() that misplaced the input state.

--- a/fileio.c
+++ b/fileio.c
@@ -532,8 +532,10 @@
          * This condition was checked when G.incnt_leftover was set > 0 in
          * defer_leftover_input(), and it is NOT allowed to touch G.csize
          * before calling undefer_input() when (G.incnt_leftover > 0)
-         * (single exception: see read_byte()'s  "G.csize <= 0" handling) !!
+         * (single exception: see readbyte()'s  "G.csize <= 0" handling) !!
          */
+        if (G.csize < 0L)
+            G.csize = 0L;
         G.incnt = G.incnt_leftover + (int)G.csize;
         G.inptr = G.inptr_leftover - (int)G.csize;
         G.incnt_leftover = 0;
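
Review bot: the added clamp `if (G.csize < 0L) G.csize = 0L;` carries no comment saying why G.csize can be negative at this point, and the block comment directly above it still only says G.csize must not be touched apart from the readbyte() exception. With a negative G.csize, the two assignments that follow would shrink G.incnt below G.incnt_leftover and move G.inptr forward past G.inptr_leftover, so a one-line comment on the clamp stating that (and naming readbyte()'s "G.csize <= 0" handling as the path that can leave it negative, if that is the case) would make the invariant explicit for the next reader. The `(int)G.csize` casts in those assignments also depend on the condition the comment says was checked in defer_leftover_input(); restating that bound here would help, since it is not visible in this hunk.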