From: anaggh <anaggh@users.noreply.github.com>
To: ml@inbox.vuxu.org
Subject: [ISSUE] [BUG] Package: unzip buffer overflow while unzipping
Date: Thu, 12 Mar 2020 17:51:54 +0100 [thread overview]
Message-ID: <gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-20036@inbox.vuxu.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 1853 bytes --]
New issue by anaggh on void-packages repository
https://github.com/void-linux/void-packages/issues/20036
Description:
### System
* package: unzip-6.0_13
### Expected behavior
zip extracts successfully. (Works fine on other distros)
### Actual behavior
buffer overflow
### Steps to reproduce the behavior
```
sudo xbps-install -S wget unzip
wget https://github.com/void-linux/void-packages/archive/master.zip
unzip master.zip
```
Output
```
Archive: master.zip
4102aace4892e25b6d6325e98486cdc91b3dc380
creating: void-packages-master/
inflating: void-packages-master/.gitattributes
creating: void-packages-master/.github/
...
...
inflating: void-packages-master/srcpkgs/papis/patches/update-vers1.patch
inflating: void-packages-master/srcpkgs/papis/patches/update-vers2.patch
inflating: void-packages-master/srcpkgs/papis/template
creating: void-packages-master/srcpkgs/paprefs/
inflating: void-packages-master/srcpkgs/paprefs/template
creating: void-packages-master/srcpkgs/paps/
inflating: void-packages-master/srcpkgs/paps/template -> # Template file for 'paps'
pkgname=paps
version=0.7.1
revision=1
build_style=meson
hostmakedepends="pkg-config cmake"
makedepends="pango-devel freetype-devel"
short_desc="UTF-8 to PostScript converter via Pango"
maintainer="Leah Neukirchen <leah@vuxu.org>"
license="LGPL-2.0-or-later"
homepage="https://github.com/dov/paps"
distfiles="https://github.com/dov/paps/archive/v${version}.tar.gz"
checksum=b8cbd16f8dd5832ecfa9907d31411b35a7f12d81a5ec472a1555d00a8a205e0e
CFLAGS="-D_XOPEN_SOURCE"
creating: void-packages-master/srcpkgs/par/
creating: void-packages-master/srcpkgs/par/patches/
inflating: void-packages-master/srcpkgs/par/patches/par-i18n.patch *** buffer overflow detected ***: unzip terminated
```
next reply other threads:[~2020-03-12 16:51 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-12 16:51 anaggh [this message]
2020-03-13 6:17 ` travankor
2020-03-13 6:21 ` xtraeme
2020-03-13 6:32 ` travankor
2020-03-13 6:50 ` anaggh
2020-03-13 8:28 ` Johnnynator
2020-03-13 8:28 ` [ISSUE] [CLOSED] " Johnnynator
2020-03-13 8:35 ` Johnnynator
2020-03-13 9:28 ` anaggh
2020-03-13 19:34 ` Chocimier
2020-03-13 19:47 ` xtraeme
2020-03-13 19:48 ` xtraeme
2020-03-13 20:00 ` Chocimier
2020-03-13 20:01 ` Chocimier
2020-05-19 16:19 ` [ISSUE] [CLOSED] " Chocimier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=gh-mailinglist-notifications-41a7ca26-5023-4802-975b-f1789d68868e-void-packages-20036@inbox.vuxu.org \
--to=anaggh@users.noreply.github.com \
--cc=ml@inbox.vuxu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).