unzip-6.0-cve-2018-18384.patch

   1 --- unzip60/list.c
   2 +++ unzip60/list.c
   3 @@ -97,7 +97,7 @@ int list_files(__G)    /* return PK-type
   4  {
   5      int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL;
   6  #ifndef WINDLL
   7 -    char sgn, cfactorstr[13];
   8 +    char sgn, cfactorstr[1+10+1+1];    /* <sgn><int>%NUL */
   9      int longhdr=(uO.vflag>1);
  10  #endif
  11      int date_format;
  12 @@ -389,9 +389,9 @@ int list_files(__G)    /* return PK-type
  13              }
  14  #else /* !WINDLL */
  15              if (cfactor == 100)
  16 -                sprintf(cfactorstr, LoadFarString(CompFactor100));
  17 +                snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100));
  18              else
  19 -                sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
  20 +                snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor);
  21              if (longhdr)
  22                  Info(slide, 0, ((char *)slide, LoadFarString(LongHdrStats),
  23                    FmZofft(G.crec.ucsize, "8", "u"), methbuf,
  24 @@ -471,9 +471,9 @@ int list_files(__G)    /* return PK-type
  25
  26  #else /* !WINDLL */
  27          if (cfactor == 100)
  28 -            sprintf(cfactorstr, LoadFarString(CompFactor100));
  29 +            snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100));
  30          else
  31 -            sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
  32 +            snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor);
  33          if (longhdr) {
  34              Info(slide, 0, ((char *)slide, LoadFarString(LongFileTrailer),
  35                FmZofft(tot_ucsize, "8", "u"), FmZofft(tot_csize, "8", "u"),