-
Bug
-
Resolution: Done-Errata
-
Normal
-
rhel-10.0
-
None
-
unzip-6.0-67.el10
-
None
-
Moderate
-
rhel-plumbers
-
ssg_core_services
-
24
-
1
-
None
-
None
-
Pass
-
Not Needed
-
Automated
-
All
-
None
zipinfo, which is provided by package unzip, does an invalid memory access when printing it usage.
This leads to garbage being written to the console, or even crash:
run 1:
miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment -T? print file times in sortable decimal format ?-C be case-insensitive 4l?????```??`????????????????????????????????
run 2:
miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment `-T? print file times in sortable decimal format ?-C? be case-insensitive (null) -x exclude filenames that follow from listing
run 3:
miscellaneous options: -h print header line -t print totals for listed files or for all -z print zipfile comment ?-T? print file times in sortable decimal format -Cv be case-insensitive 20 April 2009 -x exclude filenames that follow from listing
run 4:
segmentation fault
The problem happens because a call to sprintfs is made with several '%c' modifiers, but without passing proper arguments.
This generates also several compiler warnings, which were ignored until now.
The bug was introduced by this patch:
https://src.fedoraproject.org/rpms/unzip/blob/rawhide/f/unzip-6.0-alt-iconv-utf8.patch
- links to
-
RHBA-2024:142078
unzip bug fix and enhancement update
