diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /games-util/dzip/files |
reinit the tree, so we can have metadata
Diffstat (limited to 'games-util/dzip/files')
-rw-r--r-- | games-util/dzip/files/dzip-2.9-scrub-names.patch | 88 | ||||
-rw-r--r-- | games-util/dzip/files/dzip-2.9-system-zlib-r2.patch | 72 | ||||
-rw-r--r-- | games-util/dzip/files/dzip-amd64.diff | 30 |
3 files changed, 190 insertions, 0 deletions
diff --git a/games-util/dzip/files/dzip-2.9-scrub-names.patch b/games-util/dzip/files/dzip-2.9-scrub-names.patch new file mode 100644 index 000000000000..079fae3fd070 --- /dev/null +++ b/games-util/dzip/files/dzip-2.9-scrub-names.patch @@ -0,0 +1,88 @@ +Fix directory traversals issues. + +Since .dz files normally just have relative directory trees: +pak/ +pak/file +pak/subdir/file + +we strip out all the components which ascend in the directory tree + +http://bugs.gentoo.org/93079 + +--- main.c ++++ main.c +@@ -77,6 +77,48 @@ int dzRead (int inlen) + return 1;
+ } +
++#define IS_SEP(c) (c == '/' || c == ':' || c == '\\') ++void scrub_name(char *smee) ++{ ++ char *paths[] = { "../", "..\\", "..:", NULL}; ++ size_t p, i, len; ++ char scrubit, scrubbed; ++ ++ scrubbed = 0; ++ len = strlen(smee); ++ i = 0; ++ scrubit = 1; ++ ++ /* search the path and scrub out all relative paths */ ++ while (i + 3 < len) { ++ for (p = 0; paths[p]; ++p) { ++ if (scrubit && !strncmp(paths[p], smee+i, 3)) { ++ scrubbed = 1; ++ memset(smee+i, '\0', 3); ++ i += 2; ++ break; ++ } ++ } ++ scrubit = IS_SEP(smee[i]) || smee[i] == '\0'; ++ ++i; ++ } ++ ++ if (!scrubbed) ++ return; ++ ++ /* condense the string over all the scrubbed bits */ ++ p = 0; ++ for (i = 0; i < len; ++i) { ++ while (p < len && smee[p] == '\0') ++ ++p; ++ if (p == len) { ++ smee[i] = '\0'; ++ break; ++ } ++ smee[i] = smee[p++]; ++ } ++} ++
+ int dzReadDirectoryEntry (direntry_t *de) + { + char *s; +@@ -102,6 +144,7 @@ int dzReadDirectoryEntry (direntry_t *de + s = Dzip_malloc(de->len);
+ dzFile_Read(s, de->len);
+ de->name = s; ++ scrub_name(de->name); + if (de->pak && de->type != TYPE_PAK) + return 1; /* dont mess with dirchar inside pakfiles */ + do +--- v1code.c ++++ v1code.c +@@ -201,6 +201,7 @@ void demv1_dxentities(void) + + } +
++extern void scrub_name(char *smee); + void dzUncompressV1 (int testing)
+ {
+ int i, inlen = 0;
+@@ -221,6 +222,7 @@ void dzUncompressV1 (int testing)
+ {
+ de = directory + i;
+ crcval = INITCRC;
++ scrub_name(de->name); + printf("%s %s",action,de->name);
+ fflush(stdout);
+
diff --git a/games-util/dzip/files/dzip-2.9-system-zlib-r2.patch b/games-util/dzip/files/dzip-2.9-system-zlib-r2.patch new file mode 100644 index 000000000000..4bf10f8b98f6 --- /dev/null +++ b/games-util/dzip/files/dzip-2.9-system-zlib-r2.patch @@ -0,0 +1,72 @@ +--- dzip.h ++++ dzip.h +@@ -2,7 +2,7 @@ + #include <stdlib.h>
+ #include <string.h>
+
+-#include "zlib/zlib.h"
++#include <zlib.h>
+
+ typedef unsigned char uchar;
+
+@@ -177,4 +177,4 @@ + #else
+ #define DIRCHAR '/'
+ #define WRONGCHAR '\\'
+-#endif +\ No newline at end of file ++#endif
+--- Makefile.linux ++++ Makefile.linux +@@ -1,18 +1,17 @@ + # Makefile for linux
+
+-CC = gcc
+-CFLAGS = -Wall -O3
++CC ?= gcc
++CFLAGS ?= -O3
++CFLAGS += -Wall
+ TARGET = dzip
+ OBJECTS = main.o compress.o uncompress.o list.o crc32.o \
+- encode.o decode.o v1code.o conmain.o delete.o \
+- zlib/adler32.o zlib/deflate.o zlib/trees.o \
+- zlib/inflate.o zlib/infblock.o zlib/inftrees.o zlib/infcodes.o \
+- zlib/infutil.o zlib/inffast.o
++ encode.o decode.o v1code.o conmain.o delete.o
++LIBS = -lz
+
+ TMPFILES = gmon.out frag*
+
+ $(TARGET): $(OBJECTS)
+- $(CC) $(CFLAGS) $(OBJECTS) -o $(TARGET) $(LDFLAGS)
++ $(CC) $(CFLAGS) $(LDFLAGS) -o $(TARGET) $(OBJECTS) $(LIBS)
+
+ clean:
+ rm -f $(TARGET) $(OBJECTS) $(TMPFILES)
+@@ -24,4 +23,4 @@ + encode.o: encode.c dzip.h
+ list.o: list.c dzip.h dzipcon.h
+ decode.o: decode.c dzip.h dzipcon.h
+-v1code.o: v1code.c dzip.h dzipcon.h +\ No newline at end of file ++v1code.o: v1code.c dzip.h dzipcon.h
+--- conmain.c.orig 2010-01-17 15:10:20.938605770 +0000 ++++ conmain.c 2010-01-17 15:10:34.180603846 +0000 +@@ -507,8 +507,8 @@ + if (!strcmp(argv[i],"-o")) i++;
+ }
+
+- zs.zalloc = Dzip_calloc;
+- zs.zfree = free;
++ zs.zalloc = Z_NULL; // Dzip_calloc; <- wrong number of arguments, reverting to default
++ zs.zfree = Z_NULL; // free; <- wrong number of arguments, reverting to default
+
+ if (flag[SW_LIST] || flag[SW_EXTRACT] || flag[SW_VERIFY])
+ {
+@@ -618,4 +618,4 @@ + dzDeleteFiles_MakeList(files + 1, fileargs - 1);
+ free(files);
+ exit(0);
+-} +\ No newline at end of file ++}
diff --git a/games-util/dzip/files/dzip-amd64.diff b/games-util/dzip/files/dzip-amd64.diff new file mode 100644 index 000000000000..ef49ff330570 --- /dev/null +++ b/games-util/dzip/files/dzip-amd64.diff @@ -0,0 +1,30 @@ +--- dzip/crc32.c 2002-07-12 06:07:54.000000000 +0200 ++++ dz/crc32.c 2010-01-20 23:23:43.000000000 +0100 +@@ -1,10 +1,12 @@ ++#include <stdint.h> ++ + unsigned long crcval; + unsigned long crctable[256]; + +-unsigned long crc_reflect(unsigned long x, int bits) +-{
+- int i; +- unsigned long v = 0, b = 1 << (bits - 1); ++unsigned long crc_reflect(uint32_t x, int bits) ++{ ++ uint32_t i; ++ uint32_t v = 0, b = 1 << (bits - 1); + + for (i = 0; i < bits; i++) + { +@@ -16,8 +18,8 @@ + + void crc_init(void) + { +- unsigned long crcpol = 0x04c11db7; +- unsigned long i, j, k; ++ uint32_t crcpol = 0x04c11db7; ++ uint32_t i, j, k; + + for (i = 0; i < 256; i++) + { |