1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
unzip: Fixing security formatting issues
Fix security formatting issues related to sprintf parameters expeted.
[YOCTO #9551]
[https://bugzilla.yoctoproject.org/show_bug.cgi?id=9551]
Upstream-Status: Pending
Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com>
diff --git a/unzpriv.h b/unzpriv.h
index c8d3eab..85e693a 100644
--- a/unzpriv.h
+++ b/unzpriv.h
@@ -1006,7 +1006,7 @@
# define LoadFarStringSmall(x) Qstrfix(x)
# define LoadFarStringSmall2(x) Qstrfix(x)
# else
-# define LoadFarString(x) (char *)(x)
+# define LoadFarString(x) "%s",(char *)(x)
# define LoadFarStringSmall(x) (char *)(x)
# define LoadFarStringSmall2(x) (char *)(x)
# endif
diff --git a/fileio.c b/fileio.c
index 36bfea3..ca779c2 100644
--- a/fileio.c
+++ b/fileio.c
@@ -588,8 +588,8 @@ unsigned readbuf(__G__ buf, size) /* return number of bytes read into buf */
else if (G.incnt < 0) {
/* another hack, but no real harm copying same thing twice */
(*G.message)((zvoid *)&G,
- (uch *)LoadFarString(ReadError), /* CANNOT use slide */
- (ulg)strlen(LoadFarString(ReadError)), 0x401);
+ (uch *)(char*)(ReadError), /* CANNOT use slide */
+ (ulg)strlen((char*)(ReadError)), 0x401);
return 0; /* discarding some data; better than lock-up */
}
/* buffer ALWAYS starts on a block boundary: */
@@ -631,8 +631,8 @@ int readbyte(__G) /* refill inbuf and return a byte if available, else EOF */
} else if (G.incnt < 0) { /* "fail" (abort, retry, ...) returns this */
/* another hack, but no real harm copying same thing twice */
(*G.message)((zvoid *)&G,
- (uch *)LoadFarString(ReadError),
- (ulg)strlen(LoadFarString(ReadError)), 0x401);
+ (uch *)(char*)(ReadError),
+ (ulg)strlen((char*)(ReadError)), 0x401);
echon();
#ifdef WINDLL
longjmp(dll_error_return, 1);
@@ -1356,7 +1356,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
++((Uz_Globs *)pG)->lines;
if (((Uz_Globs *)pG)->lines >= ((Uz_Globs *)pG)->height)
(*((Uz_Globs *)pG)->mpause)((zvoid *)pG,
- LoadFarString(MorePrompt), 1);
+ (char*)(MorePrompt), 1);
}
#endif /* MORE */
if (MSG_STDERR(flag) && ((Uz_Globs *)pG)->UzO.tflag &&
@@ -1416,7 +1416,7 @@ int UZ_EXP UzpMessagePrnt(pG, buf, size, flag)
((Uz_Globs *)pG)->sol = TRUE;
q = p + 1;
(*((Uz_Globs *)pG)->mpause)((zvoid *)pG,
- LoadFarString(MorePrompt), 1);
+ (char*)(MorePrompt), 1);
}
}
INCSTR(p);
@@ -2176,7 +2176,7 @@ int do_string(__G__ length, option) /* return PK-type error code */
(*G.message)((zvoid *)&G, slide, (ulg)(q-slide), 0);
q = slide;
if (pause && G.extract_flag) /* don't pause for list/test */
- (*G.mpause)((zvoid *)&G, LoadFarString(QuitPrompt), 0);
+ (*G.mpause)((zvoid *)&G, (char*)(QuitPrompt), 0);
}
}
(*G.message)((zvoid *)&G, slide, (ulg)(q-slide), 0);
diff --git a/unzip.c b/unzip.c
index 2d94a38..ca135af 100644
--- a/unzip.c
+++ b/unzip.c
@@ -1079,7 +1079,7 @@ int unzip(__G__ argc, argv)
#ifndef _WIN32_WCE /* Win CE does not support environment variables */
if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvZipInfo),
LoadFarStringSmall2(EnvZipInfo2))) != PK_OK)
- perror(LoadFarString(NoMemEnvArguments));
+ perror((char*)(NoMemEnvArguments));
#endif
} else
#endif /* !NO_ZIPINFO */
@@ -1088,7 +1088,7 @@ int unzip(__G__ argc, argv)
#ifndef _WIN32_WCE /* Win CE does not support environment variables */
if ((error = envargs(&argc, &argv, LoadFarStringSmall(EnvUnZip),
LoadFarStringSmall2(EnvUnZip2))) != PK_OK)
- perror(LoadFarString(NoMemEnvArguments));
+ perror((char*)(NoMemEnvArguments));
#endif
}
diff --git a/zipinfo.c b/zipinfo.c
index 0ac75b3..8a0887c 100644
--- a/zipinfo.c
+++ b/zipinfo.c
@@ -1640,14 +1640,14 @@ static int zi_long(__G__ pEndprev, error_in_archive)
*types = '\0';
if (*ef_ptr & 1) {
- strcpy(types, LoadFarString(UTmodification));
+ strcpy(types, (char*)(UTmodification));
++num;
}
if (*ef_ptr & 2) {
len = strlen(types);
if (num)
types[len++] = '/';
- strcpy(types+len, LoadFarString(UTaccess));
+ strcpy(types+len, (char*)(UTaccess));
++num;
if (*pEndprev > 0L)
*pEndprev += 4L;
@@ -1656,7 +1656,7 @@ static int zi_long(__G__ pEndprev, error_in_archive)
len = strlen(types);
if (num)
types[len++] = '/';
- strcpy(types+len, LoadFarString(UTcreation));
+ strcpy(types+len, (char *)(UTcreation));
++num;
if (*pEndprev > 0L)
*pEndprev += 4L;
@@ -2331,7 +2331,7 @@ static char *zi_time(__G__ datetimez, modtimez, d_t_str)
/* time conversion error in verbose listing format,
* return string with '?' instead of data
*/
- return (strcpy(d_t_str, LoadFarString(lngYMDHMSTimeError)));
+ return (strcpy(d_t_str, (char*)(lngYMDHMSTimeError)));
} else
t = (struct tm *)NULL;
if (t != (struct tm *)NULL) {
|
