HYL_OK3568_LINUX/yocto/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch

Integer overflow in src/zm.c:zsdata() causes crash in sz and can leak information to receiver.

Patch taken from Fedora.

CVE: CVE-2018-10195
Upstream-Status: Inappropriate (dead upstream)
Signed-off-by: Ross Burton <ross.burton@intel.com>

diff -urN lrzsz-0.12.20/src/zm.c lrzsz-0.12.20.new/src/zm.c
--- lrzsz-0.12.20/src/zm.c	Tue Dec 29 09:48:38 1998
+++ lrzsz-0.12.20.new/src/zm.c	Tue Oct  8 12:46:58 2002
@@ -431,10 +431,12 @@
 	VPRINTF(3,("zsdata: %lu %s", (unsigned long) length, 
 		Zendnames[(frameend-ZCRCE)&3]));
 	crc = 0;
-	do {
-		zsendline(*buf); crc = updcrc((0377 & *buf), crc);
-		buf++;
-	} while (--length>0);
+
+	for( ; length; length--) {
+	  zsendline(*buf); crc = updcrc((0377 & *buf), crc);
+	  buf++;
+	}
+
 	xsendline(ZDLE); xsendline(frameend);
 	crc = updcrc(frameend, crc);
first commit 2025-05-10 21:49:39 +08:00			`Integer overflow in src/zm.c:zsdata() causes crash in sz and can leak information to receiver.`

			`Patch taken from Fedora.`

			`CVE: CVE-2018-10195`
			`Upstream-Status: Inappropriate (dead upstream)`
			`Signed-off-by: Ross Burton <ross.burton@intel.com>`

			`diff -urN lrzsz-0.12.20/src/zm.c lrzsz-0.12.20.new/src/zm.c`
			`--- lrzsz-0.12.20/src/zm.c Tue Dec 29 09:48:38 1998`
			`+++ lrzsz-0.12.20.new/src/zm.c Tue Oct 8 12:46:58 2002`
			`@@ -431,10 +431,12 @@`
			`VPRINTF(3,("zsdata: %lu %s", (unsigned long) length,`
			`Zendnames[(frameend-ZCRCE)&3]));`
			`crc = 0;`
			`- do {`
			`- zsendline(buf); crc = updcrc((0377 & buf), crc);`
			`- buf++;`
			`- } while (--length>0);`
			`+`
			`+ for( ; length; length--) {`
			`+ zsendline(buf); crc = updcrc((0377 & buf), crc);`
			`+ buf++;`
			`+ }`
			`+`
			`xsendline(ZDLE); xsendline(frameend);`
			`crc = updcrc(frameend, crc);`