From 169d25b37e1873d6a9158585ee11c3f86ed5a128 Mon Sep 17 00:00:00 2001 From: Alessio Sergi Date: Tue, 22 Nov 2016 02:29:53 +0100 Subject: [PATCH] p7zip: patch for CVE-2016-9296 --- srcpkgs/p7zip/patches/CVE-2016-9296.patch | 12 ++++++++++++ srcpkgs/p7zip/template | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 srcpkgs/p7zip/patches/CVE-2016-9296.patch diff --git a/srcpkgs/p7zip/patches/CVE-2016-9296.patch b/srcpkgs/p7zip/patches/CVE-2016-9296.patch new file mode 100644 index 0000000000..770929d163 --- /dev/null +++ b/srcpkgs/p7zip/patches/CVE-2016-9296.patch @@ -0,0 +1,12 @@ +--- CPP/7zip/Archive/7z/7zIn.cpp.orig Sun Nov 20 09:29:41 2016 ++++ CPP/7zip/Archive/7z/7zIn.cpp Sun Nov 20 09:31:22 2016 +@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams( + if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i]) + ThrowIncorrect(); + } +- HeadersSize += folders.PackPositions[folders.NumPackStreams]; ++ if (folders.PackPositions) ++ HeadersSize += folders.PackPositions[folders.NumPackStreams]; + return S_OK; + } + diff --git a/srcpkgs/p7zip/template b/srcpkgs/p7zip/template index e8be01de5e..ad7e3020f4 100644 --- a/srcpkgs/p7zip/template +++ b/srcpkgs/p7zip/template @@ -1,7 +1,7 @@ # Template file for 'p7zip' pkgname=p7zip version=16.02 -revision=1 +revision=2 wrksrc="${pkgname}_${version}" hostmakedepends="yasm nasm" short_desc="Command-line version of the 7zip compressed file archive"