From af8b70d359edabcf828c2d781345e327dd00b4d6 Mon Sep 17 00:00:00 2001 From: Ming Liu Date: Fri, 16 May 2025 10:17:31 +0200 Subject: zip: fix a buffer overflow detected issue A "buffer overflow detected" issue was observed as follows: | *** buffer overflow detected ***: terminated | | zip error: Interrupted (aborting) This issue is addressed by: https://bugzilla.redhat.com/show_bug.cgi?id=2165653 Port the fix. (From OE-Core rev: e2f3eeaedc0ea896f5f5b23f756056331b1647cf) Signed-off-by: Ming Liu Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie --- ...io.c-fix-a-buffer-overflow-detected-issue.patch | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 meta/recipes-extended/zip/zip-3.0/0001-fileio.c-fix-a-buffer-overflow-detected-issue.patch (limited to 'meta/recipes-extended/zip/zip-3.0/0001-fileio.c-fix-a-buffer-overflow-detected-issue.patch') diff --git a/meta/recipes-extended/zip/zip-3.0/0001-fileio.c-fix-a-buffer-overflow-detected-issue.patch b/meta/recipes-extended/zip/zip-3.0/0001-fileio.c-fix-a-buffer-overflow-detected-issue.patch new file mode 100644 index 0000000000..d760dfcec5 --- /dev/null +++ b/meta/recipes-extended/zip/zip-3.0/0001-fileio.c-fix-a-buffer-overflow-detected-issue.patch @@ -0,0 +1,38 @@ +From 23b4ed82bff20c737fe2e95d5b035e92a9522ca2 Mon Sep 17 00:00:00 2001 +From: Ming Liu +Date: Thu, 15 May 2025 13:58:45 +0200 +Subject: [PATCH] fileio.c: fix a buffer overflow detected issue +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fix a following issue: +| *** buffer overflow detected ***: terminated +| +| zip error: Interrupted (aborting) + +Reference: https://bugzilla.redhat.com/show_bug.cgi?id=2165653 + +Upstream-Status: Inactive-Upstream [the fix is from Redhat but not the official project] + +Signed-off-by: Ming Liu +--- + fileio.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/fileio.c b/fileio.c +index 1847e62..5a2959d 100644 +--- a/fileio.c ++++ b/fileio.c +@@ -3502,7 +3502,7 @@ zwchar *local_to_wide_string(local_string) + if ((wc_string = (wchar_t *)malloc((wsize + 1) * sizeof(wchar_t))) == NULL) { + ZIPERR(ZE_MEM, "local_to_wide_string"); + } +- wsize = mbstowcs(wc_string, local_string, strlen(local_string) + 1); ++ wsize = mbstowcs(wc_string, local_string, wsize + 1); + wc_string[wsize] = (wchar_t) 0; + + /* in case wchar_t is not zwchar */ +-- +2.43.0 + -- cgit v1.2.3-54-g00ecf