Diffstat (limited to 'archivers/unarj/files/patch-CVE-2004-1027')
-rw-r--r--archivers/unarj/files/patch-CVE-2004-102758
1 files changed, 31 insertions, 27 deletions
diff --git a/archivers/unarj/files/patch-CVE-2004-1027 b/archivers/unarj/files/patch-CVE-2004-1027
index 7a236040cc09..28b54b85f922 100644
--- a/archivers/unarj/files/patch-CVE-2004-1027
+++ b/archivers/unarj/files/patch-CVE-2004-1027
@@ -1,30 +1,8 @@
- Fix unchecked path extraction problem (CAN-2004-1027)
-Index: unarj.c
-@@ -235,6 +235,8 @@ static UCRC crctable[UCHAR_MAX + 1];
-
- /* Functions */
-
-+void copy_path_relative(char *dest, char *src, size_t len);
-+
- static void
- make_crctable()
- {
-@@ -738,11 +740,11 @@ extract()
-
- no_output = 0;
- if (command == 'E')
-- strncopy(name, &filename[entry_pos], sizeof(name));
-+ copy_path_relative(name, &filename[entry_pos], sizeof(name));
- else
- {
- strcpy(name, DEFAULT_DIR);
-- strncopy(name+strlen(name), filename, sizeof(name)-strlen(name));
-+ copy_path_relative(name+strlen(name), filename, sizeof(name)-strlen(name));
- }
-
- if (host_os != OS)
-Index: Makefile
-@@ -9,7 +9,9 @@
+
+--- Makefile.orig 2004-11-29 13:47:24 UTC
++++ Makefile
+@@ -9,7 +9,9 @@ environ.o: environ.c unarj.h
decode.o: decode.c unarj.h
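Review bot: The regenerated patch file no longer says what it fixes, because the description line removed at the top of this hunk, `Fix unchecked path extraction problem (CAN-2004-1027)`, has no replacement and the new file opens with an empty line. The file name still carries the CVE id, but the nature of the flaw (unchecked paths during extraction) is what a later maintainer needs when deciding whether the patch can be dropped on an upstream update. I would keep that one line as leading text before the first `--- Makefile.orig` header.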
@@ -35,7 +13,8 @@ Index: Makefile
unarj: $(OBJS)
$(CC) $(LDFLAGS) $(OBJS) -o unarj
-Index: sanitize.c
+--- sanitize.c.orig 2016-07-26 12:41:37 UTC
++++ sanitize.c
@@ -0,0 +1,81 @@
+/*
+ * Path sanitation code by Ludwig Nussel <ludwig.nussel@suse.de>. Public Domain.
@@ -118,3 +97,28 @@ Index: sanitize.c
+ }
+ o[len?0:-1] = '\0';
+}
+--- unarj.c.orig 2016-07-26 12:41:37 UTC
++++ unarj.c
+@@ -231,6 +231,8 @@ static UCRC crctable[UCHAR_MAX + 1];
+
+ /* Functions */
+
++void copy_path_relative(char *dest, char *src, size_t len);
++
+ static void
+ make_crctable()
+ {
+@@ -732,11 +734,11 @@ extract()
+
+ no_output = 0;
+ if (command == 'E')
+- strncopy(name, &filename[entry_pos], sizeof(name));
++ copy_path_relative(name, &filename[entry_pos], sizeof(name));
+ else
+ {
+ strcpy(name, DEFAULT_DIR);
+- strncopy(name+strlen(name), filename, sizeof(name)-strlen(name));
++ copy_path_relative(name+strlen(name), filename, sizeof(name)-strlen(name));
+ }
+
+ if (host_os != OS)
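Review bot: The prototype `void copy_path_relative(char *dest, char *src, size_t len);` is declared at file scope in unarj.c rather than in unarj.h. Unless sanitize.c includes a matching declaration (its top is not visible here), the compiler never checks the definition against the calls in extract(). For a routine that receives a destination buffer and its size, a mismatch there would go unnoticed, so I would move the declaration into unarj.h, include that header from sanitize.c, and take the source as `const char *src`. In the else branch, the length `sizeof(name)-strlen(name)` is only meaningful while DEFAULT_DIR is shorter than `name`; a short comment next to the `strcpy` stating that assumption would help. extract() begins and ends outside this hunk.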