commit unrar for openSUSE:Factory:NonFree

Wed, 14 Oct 2015 07:47:24 -0700 

Hello community,

here is the log from the commit of package unrar for openSUSE:Factory:NonFree 
checked in at 2015-10-14 16:46:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory:NonFree/unrar (Old)
 and      /work/SRC/openSUSE:Factory:NonFree/.unrar.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "unrar"

Changes:
--------
--- /work/SRC/openSUSE:Factory:NonFree/unrar/unrar.changes      2015-09-17 
09:22:03.000000000 +0200
+++ /work/SRC/openSUSE:Factory:NonFree/.unrar.new/unrar.changes 2015-10-14 
16:46:21.000000000 +0200
@@ -1,0 +2,7 @@
+Thu Oct  8 17:37:01 UTC 2015 - lazy.k...@opensuse.org
+
+- Update to 5.3.5.
+  * Fixed bug: unrar could crash when unpacking .rar archives with
+    corrupt file headers.
+
+-------------------------------------------------------------------

Old:
----
  unrarsrc-5.3.4.tar.gz

New:
----
  unrarsrc-5.3.5.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ unrar.spec ++++++
--- /var/tmp/diff_new_pack.woOtxz/_old  2015-10-14 16:46:22.000000000 +0200
+++ /var/tmp/diff_new_pack.woOtxz/_new  2015-10-14 16:46:22.000000000 +0200
@@ -18,10 +18,10 @@
 
 # majorversion should match the major version number.
 %define majorversion 5
-%define libsuffix 5_3_4
+%define libsuffix 5_3_5
 
 Name:           unrar
-Version:        5.3.4
+Version:        5.3.5
 Release:        0
 Summary:        A program to extract, test, and view RAR archives
 License:        SUSE-NonFree

++++++ unrarsrc-5.3.4.tar.gz -> unrarsrc-5.3.5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/unrar/dll.rc new/unrar/dll.rc
--- old/unrar/dll.rc    2015-09-13 11:04:13.000000000 +0200
+++ new/unrar/dll.rc    2015-10-01 23:48:14.000000000 +0200
@@ -2,8 +2,8 @@
 #include <commctrl.h>
 
 VS_VERSION_INFO VERSIONINFO
-FILEVERSION 5, 30, 4, 1719
-PRODUCTVERSION 5, 30, 4, 1719
+FILEVERSION 5, 30, 4, 1738
+PRODUCTVERSION 5, 30, 4, 1738
 FILEOS VOS__WINDOWS32
 FILETYPE VFT_APP
 {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/unrar/extract.cpp new/unrar/extract.cpp
--- old/unrar/extract.cpp       2015-09-13 11:12:16.000000000 +0200
+++ new/unrar/extract.cpp       2015-10-02 00:34:56.000000000 +0200
@@ -206,6 +206,18 @@
 
 bool CmdExtract::ExtractCurrentFile(Archive &Arc,size_t HeaderSize,bool 
&Repeat)
 {
+  // We can get negative sizes in corrupt archive and it is unacceptable
+  // for size comparisons in CmdExtract::UnstoreFile and ComprDataIO::UnpRead,
+  // where we cast sizes to size_t and can exceed another read or available
+  // size. We could fix it when reading an archive. But we prefer to do it
+  // here, because this function is called directly in unrar.dll, so we fix
+  // bad parameters passed to dll. Also we want to see real negative sizes
+  // in the listing of corrupt archive.
+  if (Arc.FileHead.PackSize<0)
+    Arc.FileHead.PackSize=0;
+  if (Arc.FileHead.UnpSize<0)
+    Arc.FileHead.UnpSize=0;
+
   wchar Command=Cmd->Command[0];
   if (HeaderSize==0)
     if (DataIO.UnpVolume)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/unrar/list.cpp new/unrar/list.cpp
--- old/unrar/list.cpp  2015-09-13 11:12:17.000000000 +0200
+++ new/unrar/list.cpp  2015-10-02 00:34:56.000000000 +0200
@@ -215,7 +215,7 @@
     TitleShown=true;
   }
 
-  wchar UnpSizeText[20],PackSizeText[20];
+  wchar UnpSizeText[30],PackSizeText[30];
   if (hd.UnpSize==INT64NDF)
     wcscpy(UnpSizeText,L"?");
   else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/unrar/strfn.cpp new/unrar/strfn.cpp
--- old/unrar/strfn.cpp 2015-09-13 11:12:17.000000000 +0200
+++ new/unrar/strfn.cpp 2015-10-02 00:34:56.000000000 +0200
@@ -290,14 +290,21 @@
   char NumStr[50];
   size_t Pos=0;
 
+  int Neg=n < 0 ? 1 : 0;
+  if (Neg)
+    n=-n;
+
   do
   {
-    if (Pos+1>=MaxSize)
+    if (Pos+1>=MaxSize-Neg)
       break;
     NumStr[Pos++]=char(n%10)+'0';
     n=n/10;
   } while (n!=0);
 
+  if (Neg)
+    NumStr[Pos++]='-';
+
   for (size_t I=0;I<Pos;I++)
     Str[I]=NumStr[Pos-I-1];
   Str[Pos]=0;
@@ -309,14 +316,21 @@
   wchar NumStr[50];
   size_t Pos=0;
 
+  int Neg=n < 0 ? 1 : 0;
+  if (Neg)
+    n=-n;
+
   do
   {
-    if (Pos+1>=MaxSize)
+    if (Pos+1>=MaxSize-Neg)
       break;
     NumStr[Pos++]=wchar(n%10)+'0';
     n=n/10;
   } while (n!=0);
 
+  if (Neg)
+    NumStr[Pos++]='-';
+
   for (size_t I=0;I<Pos;I++)
     Str[I]=NumStr[Pos-I-1];
   Str[Pos]=0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/unrar/version.hpp new/unrar/version.hpp
--- old/unrar/version.hpp       2015-09-13 11:12:17.000000000 +0200
+++ new/unrar/version.hpp       2015-10-02 00:34:56.000000000 +0200
@@ -1,6 +1,6 @@
 #define RARVER_MAJOR     5
 #define RARVER_MINOR    30
 #define RARVER_BETA      4
-#define RARVER_DAY      13
-#define RARVER_MONTH     9
+#define RARVER_DAY       2
+#define RARVER_MONTH    10
 #define RARVER_YEAR   2015

Reply via email to