Index: unix/zipgrep

CVE-2022-1271
Prevent arbitrary-file-write vulnerability if an archive member
name contains shell wild cards that expand to an existing pathname
with an exploit pattern.

--- unix/zipgrep.orig
+++ unix/zipgrep
@@ -70,7 +70,7 @@ for i in `unzip -Z1 "$zipfile" ${1+"$@"} | sed -e 's/\
     # Escape (or re-escape) shell-special characters in the archive
     # member name, "i".
     i=` echo "$i" | \
-     sed -e 's/\\\\/\\\\\\\\/g' -e 's/|/\\\|/g' -e 's/&/\\\&/g' `
+     sed -e 's/\\\\/\\\\\\\\/g' -e 's/|/\\\|/g' -e 's/&/\\\&/g' -e '$!s/$/\\\\/' `
 
     # Globally, send fd 4 to stdout.  In the pipeline, send normal
     # stdout to fd 4, and send grep status to fd 3.  Collect fd 3
