From 0095746c83f59e1f45c9e803d61e205ab6cbfa83 Mon Sep 17 00:00:00 2001 From: Bdale Garbee Date: Wed, 15 Jun 2005 14:39:11 -0600 Subject: [PATCH] Imported Debian patch 1.3.5-11 --- debian/changelog | 22 ++----- gzip.c | 34 +++------- gzip.h | 2 +- gzip.info | 158 ++++++++++++++++++++++------------------------- inflate.c | 2 +- stamp-vti | 4 +- unlzh.c | 10 +-- unpack.c | 7 +-- version.texi | 4 +- zgrep.in | 4 +- 10 files changed, 99 insertions(+), 148 deletions(-) diff --git a/debian/changelog b/debian/changelog index 52d6a13..088bed8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,23 +1,9 @@ -gzip (1.3.5-10sarge2) stable-security; urgency=high +gzip (1.3.5-11) unstable; urgency=low - * Non-maintainer upload by the Security Team: - * Fix several security problems discovered by Tavis Ormandy of Google: - - DoS through null pointer deference in the Huffman code (CVE-2006-4334) - - Out-of-bands stack write in LZH decompression code (CVE-2006-4335) - - Buffer overflow in pack code (CVE-2006-4336) - - Buffer overflow in LZH code (CVE-2006-4337) - - DoS through an infinite loop in LZH code (CVE-2006-4337) - (Patch by Thomas Biege of SuSe) + * patch from Peter Samuelson for bashism in zgrep, + closes: #314342, #314211, #312380, #310329 - -- Moritz Muehlenhoff Sun, 10 Sep 2006 21:01:47 +0000 - -gzip (1.3.5-10sarge1) stable; urgency=low - - * merge patch from Matt Zimmerman for futex hang due to improper signal - handling, closes: #310053, #315612 - * backport to stable since this problem affects several debian.org servers - - -- Bdale Garbee Tue, 8 Nov 2005 22:25:19 -0700 + -- Bdale Garbee Wed, 15 Jun 2005 14:39:11 -0600 gzip (1.3.5-10) unstable; urgency=medium diff --git a/gzip.c b/gzip.c index 2f692b5..61f721e 100644 --- a/gzip.c +++ b/gzip.c @@ -467,16 +467,16 @@ int main (argc, argv) foreground = signal(SIGINT, SIG_IGN) != SIG_IGN; if (foreground) { - (void) signal (SIGINT, (sig_type)abort_gzip_signal); + (void) signal (SIGINT, (sig_type)abort_gzip); } #ifdef SIGTERM if (signal(SIGTERM, SIG_IGN) != SIG_IGN) { - (void) signal(SIGTERM, (sig_type)abort_gzip_signal); + (void) signal(SIGTERM, (sig_type)abort_gzip); } #endif #ifdef SIGHUP if (signal(SIGHUP, SIG_IGN) != SIG_IGN) { - (void) signal(SIGHUP, (sig_type)abort_gzip_signal); + (void) signal(SIGHUP, (sig_type)abort_gzip); } #endif @@ -586,7 +586,7 @@ int main (argc, argv) #ifdef SIGPIPE /* Ignore "Broken Pipe" message with --quiet */ if (quiet && signal (SIGPIPE, SIG_IGN) != SIG_IGN) - signal (SIGPIPE, (sig_type) abort_gzip_signal); + signal (SIGPIPE, (sig_type) abort_gzip); #endif /* By default, save name and timestamp on compression but do not @@ -1850,31 +1850,13 @@ local void do_exit(exitcode) } /* ======================================================================== - * Close and unlink the output file if appropriate. This routine must be - * async-signal-safe. + * Signal and error handler. */ -local void do_remove() { +RETSIGTYPE abort_gzip() +{ if (remove_ofname) { close(ofd); xunlink (ofname); } + do_exit(ERROR); } - -/* ======================================================================== - * Error handler. - */ -RETSIGTYPE abort_gzip() -{ - do_remove(); - do_exit(ERROR); -} - -/* ======================================================================== - * Signal handler. - */ -RETSIGTYPE abort_gzip_signal() -{ - do_remove(); - _exit(ERROR); -} - diff --git a/gzip.h b/gzip.h index e3cc75c..3629a55 100644 --- a/gzip.h +++ b/gzip.h @@ -273,7 +273,7 @@ extern int unpack OF((int in, int out)); extern int unlzh OF((int in, int out)); /* in gzip.c */ -RETSIGTYPE abort_gzip_signal OF((void)); +RETSIGTYPE abort_gzip OF((void)); /* in deflate.c */ void lm_init OF((int pack_level, ush *flags)); diff --git a/gzip.info b/gzip.info index ae999ae..21a2d9f 100644 --- a/gzip.info +++ b/gzip.info @@ -1,13 +1,6 @@ -This is gzip.info, produced by makeinfo version 4.7 from gzip.texi. +This is gzip.info, produced by makeinfo version 4.2 from gzip.texi. -INFO-DIR-SECTION Utilities -START-INFO-DIR-ENTRY -* gzip: (gzip). The gzip command for compressing files. -END-INFO-DIR-ENTRY - - This file documents the GNU `gzip' command for compressing files. - - This manual is for Gzip (version 1.3.5, 10 September 2006), and +This manual is for Gzip (version 1.3.5, 29 September 2002), and documents commands for compressing and decompressing data. Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc. @@ -25,6 +18,16 @@ documents commands for compressing and decompressing data. (a) The FSF's Back-Cover Text is: "You have freedom to copy and modify this GNU Manual, like GNU software. Copies published by the Free Software Foundation raise funds for GNU development." + +INFO-DIR-SECTION Individual utilities +START-INFO-DIR-ENTRY +* gzip: (gzip)Invoking gzip. Compress files. +END-INFO-DIR-ENTRY + +INFO-DIR-SECTION Utilities +START-INFO-DIR-ENTRY +* Gzip: (gzip). The gzip command for compressing files. +END-INFO-DIR-ENTRY  File: gzip.info, Node: Top, Up: (dir) @@ -32,9 +35,7 @@ File: gzip.info, Node: Top, Up: (dir) Compressing Files ***************** -This file documents the GNU `gzip' command for compressing files. - - This manual is for Gzip (version 1.3.5, 10 September 2006), and +This manual is for Gzip (version 1.3.5, 29 September 2002), and documents commands for compressing and decompressing data. Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc. @@ -52,7 +53,7 @@ documents commands for compressing and decompressing data. (a) The FSF's Back-Cover Text is: "You have freedom to copy and modify this GNU Manual, like GNU software. Copies published by the Free Software Foundation raise funds for GNU development." - + * Menu: * Overview:: Preliminary information. @@ -68,10 +69,10 @@ documents commands for compressing and decompressing data.  File: gzip.info, Node: Overview, Next: Sample, Up: Top -1 Overview -********** +Overview +******** -`gzip' reduces the size of the named files using Lempel-Ziv coding + `gzip' reduces the size of the named files using Lempel-Ziv coding (LZ77). Whenever possible, each file is replaced by one with the extension `.gz', while keeping the same ownership modes, access and modification times. (The default extension is `-gz' for VMS, `z' for @@ -156,10 +157,10 @@ Format Specification version 1.3, Internet RFC 1951  File: gzip.info, Node: Sample, Next: Invoking gzip, Prev: Overview, Up: Top -2 Sample Output -*************** +Sample Output +************* -Here are some realistic examples of running `gzip'. + Here are some realistic examples of running `gzip'. This is the output of the command `gzip -h': @@ -198,10 +199,10 @@ destroying the original:  File: gzip.info, Node: Invoking gzip, Next: Advanced usage, Prev: Sample, Up: Top -3 Invoking `gzip' -***************** +Invoking `gzip' +*************** -The format for running the `gzip' program is: + The format for running the `gzip' program is: gzip OPTION ... @@ -304,15 +305,6 @@ The format for running the `gzip' program is: descend into the directory and compress all the files it finds there (or decompress them in the case of `gunzip'). -`--rsyncable' - While compressing, synchronize the output occasionally based on the - input. This increases size by less than 1 percent most cases, but - means that the `rsync' program can take advantage of similarities - in the uncompressed input when syncronizing two files compressed - with this flag. `gunzip' cannot tell the difference between a - compressed file created with this option, and one created without - it. - `--suffix SUF' `-S SUF' Use suffix `SUF' instead of `.gz'. Any suffix can be given, but @@ -353,13 +345,13 @@ The format for running the `gzip' program is:  File: gzip.info, Node: Advanced usage, Next: Environment, Prev: Invoking gzip, Up: Top -4 Advanced usage -**************** +Advanced usage +************** -Multiple compressed files can be concatenated. In this case, `gunzip' -will extract all members at once. If one member is damaged, other -members might still be recovered after removal of the damaged member. -Better compression can be usually obtained if all members are + Multiple compressed files can be concatenated. In this case, +`gunzip' will extract all members at once. If one member is damaged, +other members might still be recovered after removal of the damaged +member. Better compression can be usually obtained if all members are decompressed and then recompressed in a single step. This is an example of concatenating `gzip' files: @@ -405,10 +397,10 @@ replacement.  File: gzip.info, Node: Environment, Next: Tapes, Prev: Advanced usage, Up: Top -5 Environment -************* +Environment +*********** -The environment variable `GZIP' can hold a set of default options for + The environment variable `GZIP' can hold a set of default options for `gzip'. These options are interpreted first and can be overwritten by explicit command line parameters. For example: @@ -422,16 +414,17 @@ avoid a conflict with the symbol set for invocation of the program.  File: gzip.info, Node: Tapes, Next: Problems, Prev: Environment, Up: Top -6 Using `gzip' on tapes -*********************** +Using `gzip' on tapes +********************* -When writing compressed data to a tape, it is generally necessary to pad -the output with zeroes up to a block boundary. When the data is read and -the whole block is passed to `gunzip' for decompression, `gunzip' -detects that there is extra trailing garbage after the compressed data -and emits a warning by default if the garbage contains nonzero bytes. -You have to use the `--quiet' option to suppress the warning. This -option can be set in the `GZIP' environment variable, as in: + When writing compressed data to a tape, it is generally necessary to +pad the output with zeroes up to a block boundary. When the data is +read and the whole block is passed to `gunzip' for decompression, +`gunzip' detects that there is extra trailing garbage after the +compressed data and emits a warning by default if the garbage contains +nonzero bytes. You have to use the `--quiet' option to suppress the +warning. This option can be set in the `GZIP' environment variable, as +in: for sh: GZIP="-q" tar -xfz --block-compress /dev/rst0 for csh: (setenv GZIP "-q"; tar -xfz --block-compress /dev/rst0) @@ -444,10 +437,10 @@ of `tar') is used for reading and writing compressed data on tapes.  File: gzip.info, Node: Problems, Next: Copying This Manual, Prev: Tapes, Up: Top -7 Reporting Bugs -**************** +Reporting Bugs +************** -If you find a bug in `gzip', please send electronic mail to + If you find a bug in `gzip', please send electronic mail to . Include the version number, which you can find by running `gzip -V'. Also include in your message the hardware and operating system, the compiler used to compile `gzip', a description of @@ -456,8 +449,8 @@ the bug behavior, and the input to `gzip' that triggered the bug.  File: gzip.info, Node: Copying This Manual, Next: Concept Index, Prev: Problems, Up: Top -Appendix A Copying This Manual -****************************** +Copying This Manual +******************* * Menu: @@ -466,14 +459,13 @@ Appendix A Copying This Manual  File: gzip.info, Node: GNU Free Documentation License, Up: Copying This Manual -A.1 GNU Free Documentation License -================================== +GNU Free Documentation License +============================== Version 1.1, March 2000 - Copyright (C) 2000 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA - + Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -823,10 +815,10 @@ A.1 GNU Free Documentation License you may choose any version ever published (not as a draft) by the Free Software Foundation. -A.1.1 ADDENDUM: How to use this License for your documents ----------------------------------------------------------- +ADDENDUM: How to use this License for your documents +---------------------------------------------------- -To use this License in a document you have written, include a copy of + To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: @@ -852,36 +844,34 @@ permit their use in free software.  File: gzip.info, Node: Concept Index, Prev: Copying This Manual, Up: Top -Appendix B Concept Index -************************ +Concept Index +************* -[index] * Menu: -* bugs: Problems. (line 6) -* concatenated files: Advanced usage. (line 6) -* Environment: Environment. (line 6) +* bugs: Problems. +* concatenated files: Advanced usage. +* Environment: Environment. * FDL, GNU Free Documentation License: GNU Free Documentation License. - (line 6) -* invoking: Invoking gzip. (line 6) -* options: Invoking gzip. (line 6) -* overview: Overview. (line 6) -* sample: Sample. (line 6) -* tapes: Tapes. (line 6) +* invoking: Invoking gzip. +* options: Invoking gzip. +* overview: Overview. +* sample: Sample. +* tapes: Tapes.  Tag Table: -Node: Top1170 -Node: Overview2609 -Node: Sample7370 -Node: Invoking gzip9032 -Node: Advanced usage14463 -Node: Environment16053 -Node: Tapes16622 -Node: Problems17637 -Node: Copying This Manual18096 -Node: GNU Free Documentation License18334 -Node: Concept Index38211 +Node: Top1258 +Node: Overview2630 +Node: Sample7390 +Node: Invoking gzip9051 +Node: Advanced usage14032 +Node: Environment15621 +Node: Tapes16189 +Node: Problems17203 +Node: Copying This Manual17661 +Node: GNU Free Documentation License17877 +Node: Concept Index37741  End Tag Table diff --git a/inflate.c b/inflate.c index cfb0d57..429716c 100644 --- a/inflate.c +++ b/inflate.c @@ -337,7 +337,7 @@ int *m; /* maximum lookup bits, returns actual */ { *t = (struct huft *)NULL; *m = 0; - return 2; + return 0; } diff --git a/stamp-vti b/stamp-vti index 8f612b6..6996ff7 100644 --- a/stamp-vti +++ b/stamp-vti @@ -1,4 +1,4 @@ -@set UPDATED 10 September 2006 -@set UPDATED-MONTH September 2006 +@set UPDATED 29 September 2002 +@set UPDATED-MONTH September 2002 @set EDITION 1.3.5 @set VERSION 1.3.5 diff --git a/unlzh.c b/unlzh.c index 7a88fee..b1c6ac6 100644 --- a/unlzh.c +++ b/unlzh.c @@ -69,7 +69,11 @@ local void make_table OF((int nchar, uch bitlen[], #define NT (CODE_BIT + 3) #define PBIT 4 /* smallest integer such that (1U << PBIT) > NP */ #define TBIT 5 /* smallest integer such that (1U << TBIT) > NT */ -#define NPT (1< NP +# define NPT NT +#else +# define NPT NP +#endif /* local ush left[2 * NC - 1]; */ /* local ush right[2 * NC - 1]; */ @@ -175,8 +179,6 @@ local void make_table(nchar, bitlen, tablebits, table) if ((len = bitlen[ch]) == 0) continue; nextcode = start[len] + weight[len]; if (len <= (unsigned)tablebits) { - if (nextcode > 1 << tablebits) - error("Bad table\n"); for (i = start[len]; i < nextcode; i++) table[i] = ch; } else { k = start[len]; @@ -221,8 +223,6 @@ local void read_pt_len(nn, nbit, i_special) if (c == 7) { mask = (unsigned) 1 << (BITBUFSIZ - 1 - 3); while (mask & bitbuf) { mask >>= 1; c++; } - if (c > 16) - error("Bad table\n"); } fillbuf((c < 7) ? 3 : c - 3); pt_len[i++] = c; diff --git a/unpack.c b/unpack.c index b1f3ef3..00dae74 100644 --- a/unpack.c +++ b/unpack.c @@ -97,7 +97,6 @@ local void read_tree() int len; /* bit length */ int base; /* base offset for a sequence of leaves */ int n; - int max_leaves; /* Read the original input size, MSB first */ orig_len = 0; @@ -110,15 +109,11 @@ local void read_tree() /* Get the number of leaves at each bit length */ n = 0; - max_leaves = 1; for (len = 1; len <= max_len; len++) { leaves[len] = (int)get_byte(); - if (leaves[len] > max_leaves - (len == max_len)) - error("too many leaves in Huffman tree"); - max_leaves = (max_leaves - leaves[len] + 1) * 2 - 1; n += leaves[len]; } - if (n >= LITERALS) { + if (n > LITERALS) { error("too many leaves in Huffman tree"); } Trace((stderr, "orig_len %lu, max_len %d, leaves %d\n", diff --git a/version.texi b/version.texi index 8f612b6..6996ff7 100644 --- a/version.texi +++ b/version.texi @@ -1,4 +1,4 @@ -@set UPDATED 10 September 2006 -@set UPDATED-MONTH September 2006 +@set UPDATED 29 September 2002 +@set UPDATED-MONTH September 2002 @set EDITION 1.3.5 @set VERSION 1.3.5 diff --git a/zgrep.in b/zgrep.in index 73fc149..aa3567f 100755 --- a/zgrep.in +++ b/zgrep.in @@ -101,9 +101,7 @@ for i do elif test $with_filename -eq 0 && { test $# -eq 1 || test $no_filename -eq 1; }; then $grep $opt "$pat" else - i=${i//\\/\\\\} - i=${i//|/\\|} - i=${i//&/\\&} + i=$(echo "$i" | sed -e 's/[\\|&]/\\&/g') if test $with_filename -eq 1; then sed_script="s|^[^:]*:|${i}:|" else -- 2.43.0