]>
granicus.if.org Git - zziplib/log
Guido Draheim [Fri, 16 Mar 2018 15:44:20 +0000 (16:44 +0100)]
zzip32.h was never used in opensource code #44
Guido Draheim [Thu, 15 Mar 2018 22:54:37 +0000 (23:54 +0100)]
fix for zz_rootsize #41
Guido Draheim [Wed, 14 Mar 2018 06:54:06 +0000 (07:54 +0100)]
somehow the test does not not extract anythong #41
Guido Draheim [Wed, 14 Mar 2018 06:51:44 +0000 (07:51 +0100)]
testcase - with disk_close we have EXIT_OK #40
Guido Draheim [Wed, 14 Mar 2018 06:50:44 +0000 (07:50 +0100)]
ensure disk_close to avoid mem-leak #40
Guido Draheim [Tue, 13 Mar 2018 01:33:52 +0000 (02:33 +0100)]
add test_65482 for memlean #40
Guido Draheim [Tue, 13 Mar 2018 01:23:29 +0000 (02:23 +0100)]
add --with-asan option #40
Guido Draheim [Tue, 13 Mar 2018 00:50:36 +0000 (01:50 +0100)]
check rootseek after correction #41
Guido Draheim [Tue, 13 Mar 2018 00:29:44 +0000 (01:29 +0100)]
check zlib space to be within buffer #39
Guido Draheim [Tue, 13 Mar 2018 00:13:51 +0000 (01:13 +0100)]
add testcase for invalid-mem #39
Guido Draheim [Tue, 13 Mar 2018 00:04:27 +0000 (01:04 +0100)]
add testcase for zzip_parse #41
Guido Draheim [Mon, 12 Mar 2018 23:23:33 +0000 (00:23 +0100)]
check rootseek and rootsize to be positive #27
Guido Draheim [Mon, 12 Mar 2018 23:13:46 +0000 (00:13 +0100)]
creating testcase for validation error #27
Guido Draheim [Mon, 12 Mar 2018 22:19:19 +0000 (23:19 +0100)]
update test/test.zip
Guido Draheim [Mon, 12 Mar 2018 22:19:02 +0000 (23:19 +0100)]
testcases - unzip-mem can now unpack with exitcode 0
Guido Draheim [Mon, 12 Mar 2018 22:06:57 +0000 (23:06 +0100)]
string mapping 'comprlevel' should be indexed by length, not sizeof #42 #43
Guido Draheim [Mon, 12 Mar 2018 22:05:28 +0000 (23:05 +0100)]
testcases for zzdir sigsegv on #42 #43
Guido Draheim [Mon, 12 Mar 2018 21:47:15 +0000 (22:47 +0100)]
add m4/ax_check_enable_debug.m4
Guido Draheim [Mon, 5 Mar 2018 06:26:52 +0000 (07:26 +0100)]
docs unescape from dbk entities
Guido Draheim [Mon, 5 Mar 2018 06:16:03 +0000 (07:16 +0100)]
change doc-clean
Guido Draheim [Mon, 5 Mar 2018 06:12:41 +0000 (07:12 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 06:11:20 +0000 (07:11 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 06:10:51 +0000 (07:10 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 06:04:36 +0000 (07:04 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 06:02:00 +0000 (07:02 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 05:49:37 +0000 (06:49 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 05:42:03 +0000 (06:42 +0100)]
docs
Guido Draheim [Mon, 5 Mar 2018 05:39:26 +0000 (06:39 +0100)]
docs
Guido Draheim [Sun, 4 Mar 2018 14:23:17 +0000 (15:23 +0100)]
Bitte geben Sie eine Commit-Beschreibung ein, um zu erklären, warum dieser
Guido Draheim [Sun, 4 Mar 2018 14:23:06 +0000 (15:23 +0100)]
allow to run zziptests.py --bindir=/some/installed/bin #34
Guido U. Draheim [Sat, 3 Mar 2018 19:17:26 +0000 (20:17 +0100)]
Merge pull request #38 from jwilk-forks/spelling
Fix typo
Jakub Wilk [Sat, 3 Mar 2018 18:12:00 +0000 (19:12 +0100)]
Fix typo
Guido Draheim [Fri, 2 Mar 2018 00:31:11 +0000 (01:31 +0100)]
fix test_63812 - it does show the filename now
Guido Draheim [Fri, 2 Mar 2018 00:26:17 +0000 (01:26 +0100)]
adjust test_63819 - it had really been 141 at the source url
Guido Draheim [Fri, 2 Mar 2018 00:22:28 +0000 (01:22 +0100)]
adjust test_59782
Guido Draheim [Fri, 2 Mar 2018 00:19:54 +0000 (01:19 +0100)]
adjust test_59752
Guido Draheim [Fri, 2 Mar 2018 00:15:05 +0000 (01:15 +0100)]
update to libtool-2.4.6 #32
Guido Draheim [Thu, 1 Mar 2018 23:50:24 +0000 (00:50 +0100)]
upgrade from automake-1.13 to automake-1.15 #32
Guido Draheim [Thu, 1 Mar 2018 23:41:02 +0000 (00:41 +0100)]
do not check int/long/ptr sizes when stdint.h is available #33
Guido Draheim [Thu, 1 Mar 2018 23:09:02 +0000 (00:09 +0100)]
fix to use _zzip_fnmatch #6
Guido Draheim [Thu, 1 Mar 2018 22:48:49 +0000 (23:48 +0100)]
use MKZIP when building test0.zip #20
Guido Draheim [Thu, 1 Mar 2018 22:47:03 +0000 (23:47 +0100)]
use MKZIP when building test0.zip #20
Guido Draheim [Thu, 1 Mar 2018 22:42:26 +0000 (23:42 +0100)]
fix to use _zzip_fnmatch #6
Guido Draheim [Thu, 1 Mar 2018 22:30:49 +0000 (23:30 +0100)]
emulating 'cp -s' behaviour #31
Guido Draheim [Thu, 1 Mar 2018 22:25:15 +0000 (23:25 +0100)]
use autoconfigured $(PYTHON) #31 #8
Guido Draheim [Thu, 1 Mar 2018 22:01:26 +0000 (23:01 +0100)]
use 'zzip/__fnmatch.h' defines #6
Guido Draheim [Thu, 1 Mar 2018 21:51:13 +0000 (22:51 +0100)]
introduce _zzip_FNM_NOESCAPE/_PATHNAME/_PERIOD #6
Guido Draheim [Thu, 1 Mar 2018 18:57:36 +0000 (19:57 +0100)]
__mmap.h does not need to store the fileMapping handle according to MINGW patches #30
Guido Draheim [Thu, 1 Mar 2018 17:55:44 +0000 (18:55 +0100)]
use intptr_t in align4, removing a truncation warning #29
Guido Draheim [Thu, 1 Mar 2018 17:52:42 +0000 (18:52 +0100)]
add stdint.h intptr_t emulation #29 #30
Guido Draheim [Thu, 1 Mar 2018 17:12:44 +0000 (18:12 +0100)]
use fopen('wb') for output files / patch from TexLive TLpatches/patch-01-binary
Guido Draheim [Thu, 1 Mar 2018 13:41:07 +0000 (14:41 +0100)]
adding dbk2man.py to regenerate manpages.tar without xmlto #8
Guido Draheim [Thu, 1 Mar 2018 01:09:35 +0000 (02:09 +0100)]
remake test0.zip and push to shipped test/test.zip #20
Guido Draheim [Thu, 1 Mar 2018 00:18:43 +0000 (01:18 +0100)]
edit last patch - move stdlib to ifdef-section, and make the internal function static #25
Guido U. Draheim [Thu, 1 Mar 2018 00:10:59 +0000 (01:10 +0100)]
Merge pull request #28 from mojca/strnlen
provide a workaround for missing strnlen #25
Mojca Miklavec [Wed, 28 Feb 2018 14:09:55 +0000 (15:09 +0100)]
provide a workaround for missing strnlen #25
The strnlen function is only defined in POSIX.1-2008.
It is missing on Solaris 10 or Mac OS X 10.6 for example.
Guido U. Draheim [Tue, 13 Feb 2018 10:02:37 +0000 (11:02 +0100)]
Merge pull request #26 from jmoellers/master
If the size of the central directory is too big, reject the file.
Josef Möllers [Tue, 13 Feb 2018 09:36:44 +0000 (10:36 +0100)]
If the size of the central directory is too big, reject the file.
Guido U. Draheim [Tue, 6 Feb 2018 16:22:34 +0000 (17:22 +0100)]
Merge pull request #19 from jmoellers/master
Make sure an extension block is large enough.
Josef Möllers [Tue, 6 Feb 2018 15:16:36 +0000 (16:16 +0100)]
- If an extension block is too small to hold an extension,
do not use the information therein.
- If the End of central directory record (EOCD) contains an
Offset of start of central directory which is beyond the end of
the file, reject the file.
[CVE-2018-6540]
Guido Draheim [Mon, 5 Feb 2018 20:46:57 +0000 (21:46 +0100)]
v0.13.68
Guido Draheim [Mon, 5 Feb 2018 20:41:54 +0000 (21:41 +0100)]
'Now hosted on' message to github.com #13
Guido Draheim [Mon, 5 Feb 2018 20:10:47 +0000 (21:10 +0100)]
update docs with references to github.com #13
Guido Draheim [Mon, 5 Feb 2018 14:26:22 +0000 (15:26 +0100)]
ignore dir-entries errors elsewhere as well
Guido Draheim [Mon, 5 Feb 2018 14:22:40 +0000 (15:22 +0100)]
only firstlevel subdir was made, and later dir-entries may be directories
Guido Draheim [Mon, 5 Feb 2018 13:44:45 +0000 (14:44 +0100)]
list works, but unpack fails #17
Guido Draheim [Mon, 5 Feb 2018 13:37:13 +0000 (14:37 +0100)]
fopen may fail for a bad name -> EXIT_ERRORS in that case #17
Guido Draheim [Mon, 5 Feb 2018 12:58:42 +0000 (13:58 +0100)]
fixed test_65402 on CVE #15
Guido Draheim [Mon, 5 Feb 2018 12:57:49 +0000 (13:57 +0100)]
need to check on endbuf for stored files #15
Guido Draheim [Mon, 5 Feb 2018 12:09:25 +0000 (13:09 +0100)]
rephrase pre-malloc check
Guido Draheim [Mon, 5 Feb 2018 11:50:37 +0000 (12:50 +0100)]
check on null in macros
Guido Draheim [Mon, 5 Feb 2018 11:29:28 +0000 (12:29 +0100)]
do not run perror in lib-code, just make debug diagnostics
Guido Draheim [Mon, 5 Feb 2018 11:21:34 +0000 (12:21 +0100)]
more DBG for diskopen
Guido Draheim [Mon, 5 Feb 2018 11:02:59 +0000 (12:02 +0100)]
adapt testcases for DBG
Guido Draheim [Mon, 5 Feb 2018 10:59:37 +0000 (11:59 +0100)]
use DBG in cat-mem
Guido Draheim [Mon, 5 Feb 2018 10:51:47 +0000 (11:51 +0100)]
check on test_63113
Guido Draheim [Mon, 5 Feb 2018 10:50:16 +0000 (11:50 +0100)]
check on test_63013
Guido Draheim [Mon, 5 Feb 2018 10:49:14 +0000 (11:49 +0100)]
check on test_64848
Guido Draheim [Mon, 5 Feb 2018 10:47:45 +0000 (11:47 +0100)]
check on test_64018
Guido Draheim [Mon, 5 Feb 2018 10:44:14 +0000 (11:44 +0100)]
correcting download-raw for older CVEs and checking the sizes
Guido Draheim [Mon, 5 Feb 2018 10:26:23 +0000 (11:26 +0100)]
adding test_63018 with zzdir
Guido Draheim [Mon, 5 Feb 2018 10:18:07 +0000 (11:18 +0100)]
adding test_64848 with zzdir
Guido Draheim [Mon, 5 Feb 2018 10:12:02 +0000 (11:12 +0100)]
double check test_65414
Guido Draheim [Mon, 5 Feb 2018 10:07:01 +0000 (11:07 +0100)]
allow to run 'make test_xxxx' directly
Guido Draheim [Mon, 5 Feb 2018 09:59:28 +0000 (10:59 +0100)]
double-checking download-size, correcting raw-download from github
Guido Draheim [Mon, 5 Feb 2018 09:29:14 +0000 (10:29 +0100)]
reorganize testcases for CVEs
Guido Draheim [Mon, 5 Feb 2018 02:37:23 +0000 (03:37 +0100)]
fix error as zzip_entry_strdup_name might return NULL #4 #12
Guido Draheim [Mon, 5 Feb 2018 02:10:57 +0000 (03:10 +0100)]
adapt tests to be run --without-debug configuration
Guido Draheim [Mon, 5 Feb 2018 01:20:05 +0000 (02:20 +0100)]
test_63119 should reproduce #11 but it is ok
Guido Draheim [Mon, 5 Feb 2018 01:12:41 +0000 (02:12 +0100)]
test_65419 should reproduce CVE-2918-6541 but it is ok
Guido Draheim [Sun, 4 Feb 2018 22:48:13 +0000 (23:48 +0100)]
test_65427 should reproduce CVE-2918-6542 but it is ok
Guido Draheim [Sun, 4 Feb 2018 22:35:22 +0000 (23:35 +0100)]
expecting test_59806 (2 of 2)
Guido Draheim [Sun, 4 Feb 2018 22:32:23 +0000 (23:32 +0100)]
CVE 5977 fix complete
Guido Draheim [Sun, 4 Feb 2018 22:30:48 +0000 (23:30 +0100)]
CVE 5978 - bus error in test_59786
Guido Draheim [Sun, 4 Feb 2018 22:26:28 +0000 (23:26 +0100)]
CVE 5979 test_59788 leaves empty file
Guido Draheim [Sun, 4 Feb 2018 22:25:05 +0000 (23:25 +0100)]
CVE 5974 test_59748 leaves empty file
Guido Draheim [Sun, 4 Feb 2018 22:23:03 +0000 (23:23 +0100)]
CVE 5975 says corrupted now
Guido Draheim [Sun, 4 Feb 2018 22:20:21 +0000 (23:20 +0100)]
CVE 5976 - test_59768 leaves empty file
Guido Draheim [Sun, 4 Feb 2018 22:13:46 +0000 (23:13 +0100)]
CVE 5980 - bus error test_59806 #4
Guido Draheim [Sun, 4 Feb 2018 22:07:46 +0000 (23:07 +0100)]
CVE 5981 not fatal