Date: Saturday, January 10, 2015 @ 20:27:56 Author: bisson Revision: 228891
archrelease: copy trunk to extra-i686, extra-x86_64 Added: unzip/repos/extra-i686/PKGBUILD (from rev 228890, unzip/trunk/PKGBUILD) unzip/repos/extra-i686/crc32.patch (from rev 228890, unzip/trunk/crc32.patch) unzip/repos/extra-i686/getZip64Data.patch (from rev 228890, unzip/trunk/getZip64Data.patch) unzip/repos/extra-i686/test_compr_eb.patch (from rev 228890, unzip/trunk/test_compr_eb.patch) unzip/repos/extra-x86_64/PKGBUILD (from rev 228890, unzip/trunk/PKGBUILD) unzip/repos/extra-x86_64/crc32.patch (from rev 228890, unzip/trunk/crc32.patch) unzip/repos/extra-x86_64/getZip64Data.patch (from rev 228890, unzip/trunk/getZip64Data.patch) unzip/repos/extra-x86_64/test_compr_eb.patch (from rev 228890, unzip/trunk/test_compr_eb.patch) Deleted: unzip/repos/extra-i686/PKGBUILD unzip/repos/extra-i686/crc32.patch unzip/repos/extra-i686/getZip64Data.patch unzip/repos/extra-x86_64/PKGBUILD unzip/repos/extra-x86_64/crc32.patch unzip/repos/extra-x86_64/getZip64Data.patch ----------------------------------+ /PKGBUILD | 100 +++++++++++++ /crc32.patch | 90 ++++++++++++ /getZip64Data.patch | 266 +++++++++++++++++++++++++++++++++++++ extra-i686/PKGBUILD | 47 ------ extra-i686/crc32.patch | 45 ------ extra-i686/getZip64Data.patch | 133 ------------------ extra-i686/test_compr_eb.patch | 23 +++ extra-x86_64/PKGBUILD | 47 ------ extra-x86_64/crc32.patch | 45 ------ extra-x86_64/getZip64Data.patch | 133 ------------------ extra-x86_64/test_compr_eb.patch | 23 +++ 11 files changed, 502 insertions(+), 450 deletions(-) Deleted: extra-i686/PKGBUILD =================================================================== --- extra-i686/PKGBUILD 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-i686/PKGBUILD 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,47 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Douglas Soares de Andrade <doug...@archlinux.org> -# Contributor: Robson Peixoto - -pkgname=unzip -pkgver=6.0 -_pkgver=${pkgver/./} -pkgrel=8 -pkgdesc='For extracting and viewing files in .zip archives' -url='http://www.info-zip.org/UnZip.html' -arch=('i686' 'x86_64') -license=('custom') -depends=('bzip2' 'bash') -source=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" - 'getZip64Data.patch' - 'crc32.patch') -sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' - '691d0751bf0bc98cf9f9889dee39baccabefdc4d' - '82c9fe9172779a0ee92a187d544e74e8f512b013') - -prepare() { - cd "${srcdir}/${pkgname}${_pkgver}" - sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile - patch -i ../getZip64Data.patch # FS#43300 - patch -i ../crc32.patch # FS#43300 -} - -build() { - cd "${srcdir}/${pkgname}${_pkgver}" - - # DEFINES, make, and install args from Debian - DEFINES='-DACORN_FTYPE_NFS -DWILD_STOP_AT_DIR -DLARGE_FILE_SUPPORT \ - -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE -DNO_LCHMOD \ - -DDATE_FORMAT=DF_YMD -DUSE_BZIP2 -DNOMEMCPY -DNO_WORKING_ISPRINT' - - make -f unix/Makefile prefix=/usr \ - D_USE_BZ2=-DUSE_BZIP2 L_BZ2=-lbz2 \ - LF2="$LDFLAGS" CF="$CFLAGS $CPPFLAGS -I. $DEFINES" \ - unzips -} - -package() { - cd "${srcdir}/${pkgname}${_pkgver}" - make -f unix/Makefile prefix="${pkgdir}"/usr install - install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} Copied: unzip/repos/extra-i686/PKGBUILD (from rev 228890, unzip/trunk/PKGBUILD) =================================================================== --- extra-i686/PKGBUILD (rev 0) +++ extra-i686/PKGBUILD 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,50 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Douglas Soares de Andrade <doug...@archlinux.org> +# Contributor: Robson Peixoto + +pkgname=unzip +pkgver=6.0 +_pkgver=${pkgver/./} +pkgrel=9 +pkgdesc='For extracting and viewing files in .zip archives' +url='http://www.info-zip.org/UnZip.html' +arch=('i686' 'x86_64') +license=('custom') +depends=('bzip2' 'bash') +source=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" + 'test_compr_eb.patch' + 'getZip64Data.patch' + 'crc32.patch') +sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' + '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824' + '691d0751bf0bc98cf9f9889dee39baccabefdc4d' + '82c9fe9172779a0ee92a187d544e74e8f512b013') + +prepare() { + cd "${srcdir}/${pkgname}${_pkgver}" + sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile + patch -i ../test_compr_eb.patch # FS#43391 + patch -i ../getZip64Data.patch # FS#43300 + patch -i ../crc32.patch # FS#43300 +} + +build() { + cd "${srcdir}/${pkgname}${_pkgver}" + + # DEFINES, make, and install args from Debian + DEFINES='-DACORN_FTYPE_NFS -DWILD_STOP_AT_DIR -DLARGE_FILE_SUPPORT \ + -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE -DNO_LCHMOD \ + -DDATE_FORMAT=DF_YMD -DUSE_BZIP2 -DNOMEMCPY -DNO_WORKING_ISPRINT' + + make -f unix/Makefile prefix=/usr \ + D_USE_BZ2=-DUSE_BZIP2 L_BZ2=-lbz2 \ + LF2="$LDFLAGS" CF="$CFLAGS $CPPFLAGS -I. $DEFINES" \ + unzips +} + +package() { + cd "${srcdir}/${pkgname}${_pkgver}" + make -f unix/Makefile prefix="${pkgdir}"/usr install + install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} Deleted: extra-i686/crc32.patch =================================================================== --- extra-i686/crc32.patch 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-i686/crc32.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,45 +0,0 @@ ---- unzip60/extract.c 2010-04-03 14:41:55 -0500 -+++ unzip60/extract.c 2014-12-03 15:33:35 -0600 -@@ -1,5 +1,5 @@ - /* -- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. -+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. - - See the accompanying file LICENSE, version 2009-Jan-02 or later - (the contents of which are also included in unzip.h) for terms of use. -@@ -298,6 +298,8 @@ - #ifndef SFX - static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ - EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; -+ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \ -+ EF block length (%u bytes) invalid (< %d)\n"; - static ZCONST char Far InvalidComprDataEAs[] = - " invalid compressed data for EAs\n"; - # if (defined(WIN32) && defined(NTSD_EAS)) -@@ -2023,7 +2025,8 @@ - ebID = makeword(ef); - ebLen = (unsigned)makeword(ef+EB_LEN); - -- if (ebLen > (ef_len - EB_HEADSIZE)) { -+ if (ebLen > (ef_len - EB_HEADSIZE)) -+ { - /* Discovered some extra field inconsistency! */ - if (uO.qflag) - Info(slide, 1, ((char *)slide, "%-22s ", -@@ -2032,6 +2035,16 @@ - ebLen, (ef_len - EB_HEADSIZE))); - return PK_ERR; - } -+ else if (ebLen < EB_HEADSIZE) -+ { -+ /* Extra block length smaller than header length. */ -+ if (uO.qflag) -+ Info(slide, 1, ((char *)slide, "%-22s ", -+ FnFilter1(G.filename))); -+ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength), -+ ebLen, EB_HEADSIZE)); -+ return PK_ERR; -+ } - - switch (ebID) { - case EF_OS2: Copied: unzip/repos/extra-i686/crc32.patch (from rev 228890, unzip/trunk/crc32.patch) =================================================================== --- extra-i686/crc32.patch (rev 0) +++ extra-i686/crc32.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,45 @@ +--- unzip60/extract.c 2010-04-03 14:41:55 -0500 ++++ unzip60/extract.c 2014-12-03 15:33:35 -0600 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -298,6 +298,8 @@ + #ifndef SFX + static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ + EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; ++ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \ ++ EF block length (%u bytes) invalid (< %d)\n"; + static ZCONST char Far InvalidComprDataEAs[] = + " invalid compressed data for EAs\n"; + # if (defined(WIN32) && defined(NTSD_EAS)) +@@ -2023,7 +2025,8 @@ + ebID = makeword(ef); + ebLen = (unsigned)makeword(ef+EB_LEN); + +- if (ebLen > (ef_len - EB_HEADSIZE)) { ++ if (ebLen > (ef_len - EB_HEADSIZE)) ++ { + /* Discovered some extra field inconsistency! */ + if (uO.qflag) + Info(slide, 1, ((char *)slide, "%-22s ", +@@ -2032,6 +2035,16 @@ + ebLen, (ef_len - EB_HEADSIZE))); + return PK_ERR; + } ++ else if (ebLen < EB_HEADSIZE) ++ { ++ /* Extra block length smaller than header length. */ ++ if (uO.qflag) ++ Info(slide, 1, ((char *)slide, "%-22s ", ++ FnFilter1(G.filename))); ++ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength), ++ ebLen, EB_HEADSIZE)); ++ return PK_ERR; ++ } + + switch (ebID) { + case EF_OS2: Deleted: extra-i686/getZip64Data.patch =================================================================== --- extra-i686/getZip64Data.patch 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-i686/getZip64Data.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,133 +0,0 @@ ---- process.c 2009-03-06 02:25:10.000000000 +0100 -+++ process.c 2014-12-05 22:42:39.000000000 +0100 -@@ -1,5 +1,5 @@ - /* -- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. -+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. - - See the accompanying file LICENSE, version 2009-Jan-02 or later - (the contents of which are also included in unzip.h) for terms of use. -@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len) - and a 4-byte version of disk start number. - Sets both local header and central header fields. Not terribly clever, - but it means that this procedure is only called in one place. -+ -+ 2014-12-05 SMS. -+ Added checks to ensure that enough data are available before calling -+ makeint64() or makelong(). Replaced various sizeof() values with -+ simple ("4" or "8") constants. (The Zip64 structures do not depend -+ on our variable sizes.) Error handling is crude, but we should now -+ stay within the buffer. - ---------------------------------------------------------------------------*/ - -+#define Z64FLGS 0xffff -+#define Z64FLGL 0xffffffff -+ - if (ef_len == 0 || ef_buf == NULL) - return PK_COOL; - - Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n", - ef_len)); - -- while (ef_len >= EB_HEADSIZE) { -+ while (ef_len >= EB_HEADSIZE) -+ { - eb_id = makeword(EB_ID + ef_buf); - eb_len = makeword(EB_LEN + ef_buf); - -- if (eb_len > (ef_len - EB_HEADSIZE)) { -- /* discovered some extra field inconsistency! */ -+ if (eb_len > (ef_len - EB_HEADSIZE)) -+ { -+ /* Extra block length exceeds remaining extra field length. */ - Trace((stderr, - "getZip64Data: block length %u > rest ef_size %u\n", eb_len, - ef_len - EB_HEADSIZE)); - break; - } -- if (eb_id == EF_PKSZ64) { -- -+ if (eb_id == EF_PKSZ64) -+ { - int offset = EB_HEADSIZE; - -- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){ -- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.ucsize); -+ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ -+ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf); -+ offset += 8; - } -- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){ -- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.csize); -+ -+ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL)) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ -+ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf); -+ offset += 8; - } -- if (G.crec.relative_offset_local_header == 0xffffffff){ -+ -+ if (G.crec.relative_offset_local_header == Z64FLGL) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ - G.crec.relative_offset_local_header = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.relative_offset_local_header); -+ offset += 8; - } -- if (G.crec.disk_number_start == 0xffff){ -+ -+ if (G.crec.disk_number_start == Z64FLGS) -+ { -+ if (offset+ 4 > ef_len) -+ return PK_ERR; -+ - G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf); -- offset += sizeof(G.crec.disk_number_start); -+ offset += 4; - } -+#if 0 -+ break; /* Expect only one EF_PKSZ64 block. */ -+#endif /* 0 */ - } - -- /* Skip this extra field block */ -+ /* Skip this extra field block. */ - ef_buf += (eb_len + EB_HEADSIZE); - ef_len -= (eb_len + EB_HEADSIZE); - } ---- fileio.c 2009-04-20 02:03:44.000000000 +0200 -+++ fileio.c 2014-12-05 22:44:16.000000000 +0100 -@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr - #endif - static ZCONST char Far ExtraFieldTooLong[] = - "warning: extra field too long (%d). Ignoring...\n"; -+static ZCONST char Far ExtraFieldCorrupt[] = -+ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n"; - - #ifdef WINDLL - static ZCONST char Far DiskFullQuery[] = -@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option) /* - if (readbuf(__G__ (char *)G.extra_field, length) == 0) - return PK_EOF; - /* Looks like here is where extra fields are read */ -- getZip64Data(__G__ G.extra_field, length); -+ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) -+ { -+ Info(slide, 0x401, ((char *)slide, -+ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64)); -+ error = PK_WARN; -+ } - #ifdef UNICODE_SUPPORT - G.unipath_filename = NULL; - if (G.UzO.U_flag < 2) { Copied: unzip/repos/extra-i686/getZip64Data.patch (from rev 228890, unzip/trunk/getZip64Data.patch) =================================================================== --- extra-i686/getZip64Data.patch (rev 0) +++ extra-i686/getZip64Data.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,133 @@ +--- process.c 2009-03-06 02:25:10.000000000 +0100 ++++ process.c 2014-12-05 22:42:39.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len) + and a 4-byte version of disk start number. + Sets both local header and central header fields. Not terribly clever, + but it means that this procedure is only called in one place. ++ ++ 2014-12-05 SMS. ++ Added checks to ensure that enough data are available before calling ++ makeint64() or makelong(). Replaced various sizeof() values with ++ simple ("4" or "8") constants. (The Zip64 structures do not depend ++ on our variable sizes.) Error handling is crude, but we should now ++ stay within the buffer. + ---------------------------------------------------------------------------*/ + ++#define Z64FLGS 0xffff ++#define Z64FLGL 0xffffffff ++ + if (ef_len == 0 || ef_buf == NULL) + return PK_COOL; + + Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n", + ef_len)); + +- while (ef_len >= EB_HEADSIZE) { ++ while (ef_len >= EB_HEADSIZE) ++ { + eb_id = makeword(EB_ID + ef_buf); + eb_len = makeword(EB_LEN + ef_buf); + +- if (eb_len > (ef_len - EB_HEADSIZE)) { +- /* discovered some extra field inconsistency! */ ++ if (eb_len > (ef_len - EB_HEADSIZE)) ++ { ++ /* Extra block length exceeds remaining extra field length. */ + Trace((stderr, + "getZip64Data: block length %u > rest ef_size %u\n", eb_len, + ef_len - EB_HEADSIZE)); + break; + } +- if (eb_id == EF_PKSZ64) { +- ++ if (eb_id == EF_PKSZ64) ++ { + int offset = EB_HEADSIZE; + +- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){ +- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.ucsize); ++ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){ +- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.csize); ++ ++ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.relative_offset_local_header == 0xffffffff){ ++ ++ if (G.crec.relative_offset_local_header == Z64FLGL) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ + G.crec.relative_offset_local_header = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.relative_offset_local_header); ++ offset += 8; + } +- if (G.crec.disk_number_start == 0xffff){ ++ ++ if (G.crec.disk_number_start == Z64FLGS) ++ { ++ if (offset+ 4 > ef_len) ++ return PK_ERR; ++ + G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf); +- offset += sizeof(G.crec.disk_number_start); ++ offset += 4; + } ++#if 0 ++ break; /* Expect only one EF_PKSZ64 block. */ ++#endif /* 0 */ + } + +- /* Skip this extra field block */ ++ /* Skip this extra field block. */ + ef_buf += (eb_len + EB_HEADSIZE); + ef_len -= (eb_len + EB_HEADSIZE); + } +--- fileio.c 2009-04-20 02:03:44.000000000 +0200 ++++ fileio.c 2014-12-05 22:44:16.000000000 +0100 +@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr + #endif + static ZCONST char Far ExtraFieldTooLong[] = + "warning: extra field too long (%d). Ignoring...\n"; ++static ZCONST char Far ExtraFieldCorrupt[] = ++ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n"; + + #ifdef WINDLL + static ZCONST char Far DiskFullQuery[] = +@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option) /* + if (readbuf(__G__ (char *)G.extra_field, length) == 0) + return PK_EOF; + /* Looks like here is where extra fields are read */ +- getZip64Data(__G__ G.extra_field, length); ++ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) ++ { ++ Info(slide, 0x401, ((char *)slide, ++ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64)); ++ error = PK_WARN; ++ } + #ifdef UNICODE_SUPPORT + G.unipath_filename = NULL; + if (G.UzO.U_flag < 2) { Copied: unzip/repos/extra-i686/test_compr_eb.patch (from rev 228890, unzip/trunk/test_compr_eb.patch) =================================================================== --- extra-i686/test_compr_eb.patch (rev 0) +++ extra-i686/test_compr_eb.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,23 @@ +--- extract.c 2009-03-14 02:32:52.000000000 +0100 ++++ extract.c 2014-12-05 22:43:13.000000000 +0100 +@@ -2221,10 +2234,17 @@ static int test_compr_eb(__G__ eb, eb_si + if (compr_offset < 4) /* field is not compressed: */ + return PK_OK; /* do nothing and signal OK */ + ++ /* Return no/bad-data error status if any problem is found: ++ * 1. eb_size is too small to hold the uncompressed size ++ * (eb_ucsize). (Else extract eb_ucsize.) ++ * 2. eb_ucsize is zero (invalid). 2014-12-04 SMS. ++ * 3. eb_ucsize is positive, but eb_size is too small to hold ++ * the compressed data header. ++ */ + if ((eb_size < (EB_UCSIZE_P + 4)) || +- ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L && +- eb_size <= (compr_offset + EB_CMPRHEADLEN))) +- return IZ_EF_TRUNC; /* no compressed data! */ ++ ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) || ++ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN)))) ++ return IZ_EF_TRUNC; /* no/bad compressed data! */ + + if ( + #ifdef INT_16BIT Deleted: extra-x86_64/PKGBUILD =================================================================== --- extra-x86_64/PKGBUILD 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-x86_64/PKGBUILD 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,47 +0,0 @@ -# $Id$ -# Maintainer: Gaetan Bisson <bis...@archlinux.org> -# Contributor: Douglas Soares de Andrade <doug...@archlinux.org> -# Contributor: Robson Peixoto - -pkgname=unzip -pkgver=6.0 -_pkgver=${pkgver/./} -pkgrel=8 -pkgdesc='For extracting and viewing files in .zip archives' -url='http://www.info-zip.org/UnZip.html' -arch=('i686' 'x86_64') -license=('custom') -depends=('bzip2' 'bash') -source=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" - 'getZip64Data.patch' - 'crc32.patch') -sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' - '691d0751bf0bc98cf9f9889dee39baccabefdc4d' - '82c9fe9172779a0ee92a187d544e74e8f512b013') - -prepare() { - cd "${srcdir}/${pkgname}${_pkgver}" - sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile - patch -i ../getZip64Data.patch # FS#43300 - patch -i ../crc32.patch # FS#43300 -} - -build() { - cd "${srcdir}/${pkgname}${_pkgver}" - - # DEFINES, make, and install args from Debian - DEFINES='-DACORN_FTYPE_NFS -DWILD_STOP_AT_DIR -DLARGE_FILE_SUPPORT \ - -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE -DNO_LCHMOD \ - -DDATE_FORMAT=DF_YMD -DUSE_BZIP2 -DNOMEMCPY -DNO_WORKING_ISPRINT' - - make -f unix/Makefile prefix=/usr \ - D_USE_BZ2=-DUSE_BZIP2 L_BZ2=-lbz2 \ - LF2="$LDFLAGS" CF="$CFLAGS $CPPFLAGS -I. $DEFINES" \ - unzips -} - -package() { - cd "${srcdir}/${pkgname}${_pkgver}" - make -f unix/Makefile prefix="${pkgdir}"/usr install - install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" -} Copied: unzip/repos/extra-x86_64/PKGBUILD (from rev 228890, unzip/trunk/PKGBUILD) =================================================================== --- extra-x86_64/PKGBUILD (rev 0) +++ extra-x86_64/PKGBUILD 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,50 @@ +# $Id$ +# Maintainer: Gaetan Bisson <bis...@archlinux.org> +# Contributor: Douglas Soares de Andrade <doug...@archlinux.org> +# Contributor: Robson Peixoto + +pkgname=unzip +pkgver=6.0 +_pkgver=${pkgver/./} +pkgrel=9 +pkgdesc='For extracting and viewing files in .zip archives' +url='http://www.info-zip.org/UnZip.html' +arch=('i686' 'x86_64') +license=('custom') +depends=('bzip2' 'bash') +source=("http://downloads.sourceforge.net/infozip/${pkgname}${_pkgver}.tar.gz" + 'test_compr_eb.patch' + 'getZip64Data.patch' + 'crc32.patch') +sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' + '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824' + '691d0751bf0bc98cf9f9889dee39baccabefdc4d' + '82c9fe9172779a0ee92a187d544e74e8f512b013') + +prepare() { + cd "${srcdir}/${pkgname}${_pkgver}" + sed -i "/MANDIR =/s#)/#)/share/#" unix/Makefile + patch -i ../test_compr_eb.patch # FS#43391 + patch -i ../getZip64Data.patch # FS#43300 + patch -i ../crc32.patch # FS#43300 +} + +build() { + cd "${srcdir}/${pkgname}${_pkgver}" + + # DEFINES, make, and install args from Debian + DEFINES='-DACORN_FTYPE_NFS -DWILD_STOP_AT_DIR -DLARGE_FILE_SUPPORT \ + -DUNICODE_SUPPORT -DUNICODE_WCHAR -DUTF8_MAYBE_NATIVE -DNO_LCHMOD \ + -DDATE_FORMAT=DF_YMD -DUSE_BZIP2 -DNOMEMCPY -DNO_WORKING_ISPRINT' + + make -f unix/Makefile prefix=/usr \ + D_USE_BZ2=-DUSE_BZIP2 L_BZ2=-lbz2 \ + LF2="$LDFLAGS" CF="$CFLAGS $CPPFLAGS -I. $DEFINES" \ + unzips +} + +package() { + cd "${srcdir}/${pkgname}${_pkgver}" + make -f unix/Makefile prefix="${pkgdir}"/usr install + install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE" +} Deleted: extra-x86_64/crc32.patch =================================================================== --- extra-x86_64/crc32.patch 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-x86_64/crc32.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,45 +0,0 @@ ---- unzip60/extract.c 2010-04-03 14:41:55 -0500 -+++ unzip60/extract.c 2014-12-03 15:33:35 -0600 -@@ -1,5 +1,5 @@ - /* -- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. -+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. - - See the accompanying file LICENSE, version 2009-Jan-02 or later - (the contents of which are also included in unzip.h) for terms of use. -@@ -298,6 +298,8 @@ - #ifndef SFX - static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ - EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; -+ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \ -+ EF block length (%u bytes) invalid (< %d)\n"; - static ZCONST char Far InvalidComprDataEAs[] = - " invalid compressed data for EAs\n"; - # if (defined(WIN32) && defined(NTSD_EAS)) -@@ -2023,7 +2025,8 @@ - ebID = makeword(ef); - ebLen = (unsigned)makeword(ef+EB_LEN); - -- if (ebLen > (ef_len - EB_HEADSIZE)) { -+ if (ebLen > (ef_len - EB_HEADSIZE)) -+ { - /* Discovered some extra field inconsistency! */ - if (uO.qflag) - Info(slide, 1, ((char *)slide, "%-22s ", -@@ -2032,6 +2035,16 @@ - ebLen, (ef_len - EB_HEADSIZE))); - return PK_ERR; - } -+ else if (ebLen < EB_HEADSIZE) -+ { -+ /* Extra block length smaller than header length. */ -+ if (uO.qflag) -+ Info(slide, 1, ((char *)slide, "%-22s ", -+ FnFilter1(G.filename))); -+ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength), -+ ebLen, EB_HEADSIZE)); -+ return PK_ERR; -+ } - - switch (ebID) { - case EF_OS2: Copied: unzip/repos/extra-x86_64/crc32.patch (from rev 228890, unzip/trunk/crc32.patch) =================================================================== --- extra-x86_64/crc32.patch (rev 0) +++ extra-x86_64/crc32.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,45 @@ +--- unzip60/extract.c 2010-04-03 14:41:55 -0500 ++++ unzip60/extract.c 2014-12-03 15:33:35 -0600 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -298,6 +298,8 @@ + #ifndef SFX + static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \ + EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n"; ++ static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \ ++ EF block length (%u bytes) invalid (< %d)\n"; + static ZCONST char Far InvalidComprDataEAs[] = + " invalid compressed data for EAs\n"; + # if (defined(WIN32) && defined(NTSD_EAS)) +@@ -2023,7 +2025,8 @@ + ebID = makeword(ef); + ebLen = (unsigned)makeword(ef+EB_LEN); + +- if (ebLen > (ef_len - EB_HEADSIZE)) { ++ if (ebLen > (ef_len - EB_HEADSIZE)) ++ { + /* Discovered some extra field inconsistency! */ + if (uO.qflag) + Info(slide, 1, ((char *)slide, "%-22s ", +@@ -2032,6 +2035,16 @@ + ebLen, (ef_len - EB_HEADSIZE))); + return PK_ERR; + } ++ else if (ebLen < EB_HEADSIZE) ++ { ++ /* Extra block length smaller than header length. */ ++ if (uO.qflag) ++ Info(slide, 1, ((char *)slide, "%-22s ", ++ FnFilter1(G.filename))); ++ Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength), ++ ebLen, EB_HEADSIZE)); ++ return PK_ERR; ++ } + + switch (ebID) { + case EF_OS2: Deleted: extra-x86_64/getZip64Data.patch =================================================================== --- extra-x86_64/getZip64Data.patch 2015-01-10 19:27:10 UTC (rev 228890) +++ extra-x86_64/getZip64Data.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -1,133 +0,0 @@ ---- process.c 2009-03-06 02:25:10.000000000 +0100 -+++ process.c 2014-12-05 22:42:39.000000000 +0100 -@@ -1,5 +1,5 @@ - /* -- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. -+ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. - - See the accompanying file LICENSE, version 2009-Jan-02 or later - (the contents of which are also included in unzip.h) for terms of use. -@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len) - and a 4-byte version of disk start number. - Sets both local header and central header fields. Not terribly clever, - but it means that this procedure is only called in one place. -+ -+ 2014-12-05 SMS. -+ Added checks to ensure that enough data are available before calling -+ makeint64() or makelong(). Replaced various sizeof() values with -+ simple ("4" or "8") constants. (The Zip64 structures do not depend -+ on our variable sizes.) Error handling is crude, but we should now -+ stay within the buffer. - ---------------------------------------------------------------------------*/ - -+#define Z64FLGS 0xffff -+#define Z64FLGL 0xffffffff -+ - if (ef_len == 0 || ef_buf == NULL) - return PK_COOL; - - Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n", - ef_len)); - -- while (ef_len >= EB_HEADSIZE) { -+ while (ef_len >= EB_HEADSIZE) -+ { - eb_id = makeword(EB_ID + ef_buf); - eb_len = makeword(EB_LEN + ef_buf); - -- if (eb_len > (ef_len - EB_HEADSIZE)) { -- /* discovered some extra field inconsistency! */ -+ if (eb_len > (ef_len - EB_HEADSIZE)) -+ { -+ /* Extra block length exceeds remaining extra field length. */ - Trace((stderr, - "getZip64Data: block length %u > rest ef_size %u\n", eb_len, - ef_len - EB_HEADSIZE)); - break; - } -- if (eb_id == EF_PKSZ64) { -- -+ if (eb_id == EF_PKSZ64) -+ { - int offset = EB_HEADSIZE; - -- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){ -- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.ucsize); -+ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ -+ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf); -+ offset += 8; - } -- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){ -- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.csize); -+ -+ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL)) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ -+ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf); -+ offset += 8; - } -- if (G.crec.relative_offset_local_header == 0xffffffff){ -+ -+ if (G.crec.relative_offset_local_header == Z64FLGL) -+ { -+ if (offset+ 8 > ef_len) -+ return PK_ERR; -+ - G.crec.relative_offset_local_header = makeint64(offset + ef_buf); -- offset += sizeof(G.crec.relative_offset_local_header); -+ offset += 8; - } -- if (G.crec.disk_number_start == 0xffff){ -+ -+ if (G.crec.disk_number_start == Z64FLGS) -+ { -+ if (offset+ 4 > ef_len) -+ return PK_ERR; -+ - G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf); -- offset += sizeof(G.crec.disk_number_start); -+ offset += 4; - } -+#if 0 -+ break; /* Expect only one EF_PKSZ64 block. */ -+#endif /* 0 */ - } - -- /* Skip this extra field block */ -+ /* Skip this extra field block. */ - ef_buf += (eb_len + EB_HEADSIZE); - ef_len -= (eb_len + EB_HEADSIZE); - } ---- fileio.c 2009-04-20 02:03:44.000000000 +0200 -+++ fileio.c 2014-12-05 22:44:16.000000000 +0100 -@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr - #endif - static ZCONST char Far ExtraFieldTooLong[] = - "warning: extra field too long (%d). Ignoring...\n"; -+static ZCONST char Far ExtraFieldCorrupt[] = -+ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n"; - - #ifdef WINDLL - static ZCONST char Far DiskFullQuery[] = -@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option) /* - if (readbuf(__G__ (char *)G.extra_field, length) == 0) - return PK_EOF; - /* Looks like here is where extra fields are read */ -- getZip64Data(__G__ G.extra_field, length); -+ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) -+ { -+ Info(slide, 0x401, ((char *)slide, -+ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64)); -+ error = PK_WARN; -+ } - #ifdef UNICODE_SUPPORT - G.unipath_filename = NULL; - if (G.UzO.U_flag < 2) { Copied: unzip/repos/extra-x86_64/getZip64Data.patch (from rev 228890, unzip/trunk/getZip64Data.patch) =================================================================== --- extra-x86_64/getZip64Data.patch (rev 0) +++ extra-x86_64/getZip64Data.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,133 @@ +--- process.c 2009-03-06 02:25:10.000000000 +0100 ++++ process.c 2014-12-05 22:42:39.000000000 +0100 +@@ -1,5 +1,5 @@ + /* +- Copyright (c) 1990-2009 Info-ZIP. All rights reserved. ++ Copyright (c) 1990-2014 Info-ZIP. All rights reserved. + + See the accompanying file LICENSE, version 2009-Jan-02 or later + (the contents of which are also included in unzip.h) for terms of use. +@@ -1888,48 +1888,82 @@ int getZip64Data(__G__ ef_buf, ef_len) + and a 4-byte version of disk start number. + Sets both local header and central header fields. Not terribly clever, + but it means that this procedure is only called in one place. ++ ++ 2014-12-05 SMS. ++ Added checks to ensure that enough data are available before calling ++ makeint64() or makelong(). Replaced various sizeof() values with ++ simple ("4" or "8") constants. (The Zip64 structures do not depend ++ on our variable sizes.) Error handling is crude, but we should now ++ stay within the buffer. + ---------------------------------------------------------------------------*/ + ++#define Z64FLGS 0xffff ++#define Z64FLGL 0xffffffff ++ + if (ef_len == 0 || ef_buf == NULL) + return PK_COOL; + + Trace((stderr,"\ngetZip64Data: scanning extra field of length %u\n", + ef_len)); + +- while (ef_len >= EB_HEADSIZE) { ++ while (ef_len >= EB_HEADSIZE) ++ { + eb_id = makeword(EB_ID + ef_buf); + eb_len = makeword(EB_LEN + ef_buf); + +- if (eb_len > (ef_len - EB_HEADSIZE)) { +- /* discovered some extra field inconsistency! */ ++ if (eb_len > (ef_len - EB_HEADSIZE)) ++ { ++ /* Extra block length exceeds remaining extra field length. */ + Trace((stderr, + "getZip64Data: block length %u > rest ef_size %u\n", eb_len, + ef_len - EB_HEADSIZE)); + break; + } +- if (eb_id == EF_PKSZ64) { +- ++ if (eb_id == EF_PKSZ64) ++ { + int offset = EB_HEADSIZE; + +- if (G.crec.ucsize == 0xffffffff || G.lrec.ucsize == 0xffffffff){ +- G.lrec.ucsize = G.crec.ucsize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.ucsize); ++ if ((G.crec.ucsize == Z64FLGL) || (G.lrec.ucsize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.crec.ucsize = G.lrec.ucsize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.csize == 0xffffffff || G.lrec.csize == 0xffffffff){ +- G.csize = G.lrec.csize = G.crec.csize = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.csize); ++ ++ if ((G.crec.csize == Z64FLGL) || (G.lrec.csize == Z64FLGL)) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ ++ G.csize = G.crec.csize = G.lrec.csize = makeint64(offset + ef_buf); ++ offset += 8; + } +- if (G.crec.relative_offset_local_header == 0xffffffff){ ++ ++ if (G.crec.relative_offset_local_header == Z64FLGL) ++ { ++ if (offset+ 8 > ef_len) ++ return PK_ERR; ++ + G.crec.relative_offset_local_header = makeint64(offset + ef_buf); +- offset += sizeof(G.crec.relative_offset_local_header); ++ offset += 8; + } +- if (G.crec.disk_number_start == 0xffff){ ++ ++ if (G.crec.disk_number_start == Z64FLGS) ++ { ++ if (offset+ 4 > ef_len) ++ return PK_ERR; ++ + G.crec.disk_number_start = (zuvl_t)makelong(offset + ef_buf); +- offset += sizeof(G.crec.disk_number_start); ++ offset += 4; + } ++#if 0 ++ break; /* Expect only one EF_PKSZ64 block. */ ++#endif /* 0 */ + } + +- /* Skip this extra field block */ ++ /* Skip this extra field block. */ + ef_buf += (eb_len + EB_HEADSIZE); + ef_len -= (eb_len + EB_HEADSIZE); + } +--- fileio.c 2009-04-20 02:03:44.000000000 +0200 ++++ fileio.c 2014-12-05 22:44:16.000000000 +0100 +@@ -176,6 +176,8 @@ static ZCONST char Far FilenameTooLongTr + #endif + static ZCONST char Far ExtraFieldTooLong[] = + "warning: extra field too long (%d). Ignoring...\n"; ++static ZCONST char Far ExtraFieldCorrupt[] = ++ "warning: extra field (type: 0x%04x) corrupt. Continuing...\n"; + + #ifdef WINDLL + static ZCONST char Far DiskFullQuery[] = +@@ -2295,7 +2297,12 @@ int do_string(__G__ length, option) /* + if (readbuf(__G__ (char *)G.extra_field, length) == 0) + return PK_EOF; + /* Looks like here is where extra fields are read */ +- getZip64Data(__G__ G.extra_field, length); ++ if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) ++ { ++ Info(slide, 0x401, ((char *)slide, ++ LoadFarString( ExtraFieldCorrupt), EF_PKSZ64)); ++ error = PK_WARN; ++ } + #ifdef UNICODE_SUPPORT + G.unipath_filename = NULL; + if (G.UzO.U_flag < 2) { Copied: unzip/repos/extra-x86_64/test_compr_eb.patch (from rev 228890, unzip/trunk/test_compr_eb.patch) =================================================================== --- extra-x86_64/test_compr_eb.patch (rev 0) +++ extra-x86_64/test_compr_eb.patch 2015-01-10 19:27:56 UTC (rev 228891) @@ -0,0 +1,23 @@ +--- extract.c 2009-03-14 02:32:52.000000000 +0100 ++++ extract.c 2014-12-05 22:43:13.000000000 +0100 +@@ -2221,10 +2234,17 @@ static int test_compr_eb(__G__ eb, eb_si + if (compr_offset < 4) /* field is not compressed: */ + return PK_OK; /* do nothing and signal OK */ + ++ /* Return no/bad-data error status if any problem is found: ++ * 1. eb_size is too small to hold the uncompressed size ++ * (eb_ucsize). (Else extract eb_ucsize.) ++ * 2. eb_ucsize is zero (invalid). 2014-12-04 SMS. ++ * 3. eb_ucsize is positive, but eb_size is too small to hold ++ * the compressed data header. ++ */ + if ((eb_size < (EB_UCSIZE_P + 4)) || +- ((eb_ucsize = makelong(eb+(EB_HEADSIZE+EB_UCSIZE_P))) > 0L && +- eb_size <= (compr_offset + EB_CMPRHEADLEN))) +- return IZ_EF_TRUNC; /* no compressed data! */ ++ ((eb_ucsize = makelong( eb+ (EB_HEADSIZE+ EB_UCSIZE_P))) == 0L) || ++ ((eb_ucsize > 0L) && (eb_size <= (compr_offset + EB_CMPRHEADLEN)))) ++ return IZ_EF_TRUNC; /* no/bad compressed data! */ + + if ( + #ifdef INT_16BIT