Import upstream patch to fix CVE-2025-2849

Matheus Polkornyrequested to merge
polkorny/upx-ucl:master into master

Run in upx-ucl 4.2.4-1

$upx-ucl -df input/input1 -o /dev/null

                       Ultimate Packer for eXecutables
                          Copyright (C) 1996 - 2024
UPX 4.2.4       Markus Oberhumer, Laszlo Molnar & John Reiser    May 9th 2024

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
[WARNING] bad b_info at 0x8d0e

Segmentation fault (core dumped)

Run in upx-ucl 4.2.4-1.1

$./upx-ucl -df input/input1 -o /dev/null

                       Ultimate Packer for eXecutables
                          Copyright (C) 1996 - 2024
UPX 4.2.4       Markus Oberhumer, Laszlo Molnar & John Reiser    May 9th 2024

        File size         Ratio      Format      Name
   --------------------   ------   -----------   -----------
[WARNING] bad b_info at 0x8d0e

upx-ucl: input/input1: CantUnpackException: bad PT_DYNAMIC .end

Unpacked 1 file: 0 ok, 1 error.

input.zip

Edited by Carlos Henrique Lima Melara

Merge request reports