pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/archivers/unzoo



Module Name:    pkgsrc
Committed By:   rillig
Date:           Thu Mar 26 22:29:47 UTC 2020

Modified Files:
        pkgsrc/archivers/unzoo: Makefile distinfo
Added Files:
        pkgsrc/archivers/unzoo/patches: patch-unzoo.c

Log Message:
archivers/unzoo: fix out-of-bounds read when matching non-ASCII

Found by GCC's -Wchar-subscripts.


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 pkgsrc/archivers/unzoo/Makefile
cvs rdiff -u -r1.3 -r1.4 pkgsrc/archivers/unzoo/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/archivers/unzoo/patches/patch-unzoo.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/archivers/unzoo/Makefile
diff -u pkgsrc/archivers/unzoo/Makefile:1.14 pkgsrc/archivers/unzoo/Makefile:1.15
--- pkgsrc/archivers/unzoo/Makefile:1.14        Thu Oct  9 14:05:54 2014
+++ pkgsrc/archivers/unzoo/Makefile     Thu Mar 26 22:29:47 2020
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.14 2014/10/09 14:05:54 wiz Exp $
+# $NetBSD: Makefile,v 1.15 2020/03/26 22:29:47 rillig Exp $
 #
 
 DISTNAME=      unzoo.c
 PKGNAME=       unzoo-4.4
+PKGREVISION=   1
 CATEGORIES=    archivers
 MASTER_SITES=  # no dist site available
 EXTRACT_SUFX=  # empty

Index: pkgsrc/archivers/unzoo/distinfo
diff -u pkgsrc/archivers/unzoo/distinfo:1.3 pkgsrc/archivers/unzoo/distinfo:1.4
--- pkgsrc/archivers/unzoo/distinfo:1.3 Tue Nov  3 00:56:26 2015
+++ pkgsrc/archivers/unzoo/distinfo     Thu Mar 26 22:29:47 2020
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.3 2015/11/03 00:56:26 agc Exp $
+$NetBSD: distinfo,v 1.4 2020/03/26 22:29:47 rillig Exp $
 
 SHA1 (unzoo.c) = 99a6e9922ccdf5d454c78d3a514d5e33ae17562d
 RMD160 (unzoo.c) = f7cf751dc865e73d3c51e4476dd2472e409b20ff
 SHA512 (unzoo.c) = d293e244e44af131702550ddefdd035e32de3e7228f6c1c805139d448ba96357931405d313405572c30fc7c8d2ff005cc0ffc4d0ad209f47ee9ec1217ccaed21
 Size (unzoo.c) = 115328 bytes
+SHA1 (patch-unzoo.c) = 5b652586c919a8a5a5498c00ae2330620af39ea4

Added files:

Index: pkgsrc/archivers/unzoo/patches/patch-unzoo.c
diff -u /dev/null pkgsrc/archivers/unzoo/patches/patch-unzoo.c:1.1
--- /dev/null   Thu Mar 26 22:29:47 2020
+++ pkgsrc/archivers/unzoo/patches/patch-unzoo.c        Thu Mar 26 22:29:47 2020
@@ -0,0 +1,41 @@
+$NetBSD: patch-unzoo.c,v 1.1 2020/03/26 22:29:47 rillig Exp $
+
+unzoo.c: In function 'IsMatchName':
+unzoo.c:1268:40: error: array subscript has type 'char' [-Werror=char-subscripts]
+         else if ( *pat=='?' && ! IsSpec[*str] ) { pat++;       str++;       }
+                                        ^
+unzoo.c:1271:40: error: array subscript has type 'char' [-Werror=char-subscripts]
+         else if ( tmp != 0  && ! IsSpec[*tmp] ) { pat =   pos; str = ++tmp; }
+                                        ^
+
+This looks indeed like undefined behavior since the function IsMatchName
+accepts arbitrary filenames, and filenames containing non-ASCII
+characters would access the array outside of its bounds.
+
+On NetBSD-8.0-x86_64 using GCC 5.5.0 the memory below IsSpec is BufArch,
+which means that pattern matching depended on the contents of the archive
+before.
+
+--- unzoo.c.orig       2020-03-26 22:01:16.074248902 +0000
++++ unzoo.c
+@@ -244,6 +244,7 @@
+ *H
+ */
+ #include        <stdio.h>
++#include      <string.h>
+ 
+ 
+ /****************************************************************************
+@@ -1265,10 +1266,10 @@ int             IsMatchName ( pat, str )
+     /* try to match the name part                                          */
+     while ( *pat != '\0' || *str != '\0' ) {
+         if      ( *pat==*str                  ) { pat++;       str++;       }
+-        else if ( *pat=='?' && ! IsSpec[*str] ) { pat++;       str++;       }
++        else if ( *pat=='?' && ! IsSpec[(unsigned char) *str] ) { pat++;       str++;       }
+         else if ( *pat=='?' && *str != '\0'   ) { pat++;       str++;       }
+         else if ( *pat=='*'                   ) { pos = ++pat; tmp =   str; }
+-        else if ( tmp != 0  && ! IsSpec[*tmp] ) { pat =   pos; str = ++tmp; }
++        else if ( tmp != 0  && ! IsSpec[(unsigned char) *tmp] ) { pat =   pos; str = ++tmp; }
+         else                                    break;
+     }
+     return *pat == '\0' && *str == '\0';



Home | Main Index | Thread Index | Old Index