p7zip: fix CVE-2016-2334 and CVE-2016-2335

srcpkgs/p7zip/patches/CVE-2016-2334.patch

@@ -0,0 +1,24 @@
+Index: CPP/7zip/Archive/HfsHandler.cpp
+===================================================================
+--- CPP/7zip/Archive/HfsHandler.cpp.orig
++++ CPP/7zip/Archive/HfsHandler.cpp
+@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo
+       item.GroupID = Get32(r + 0x24);
+       item.AdminFlags = r[0x28];
+       item.OwnerFlags = r[0x29];
++      */
+       item.FileMode = Get16(r + 0x2A);
++      /*
+       item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount
+       item.FileType = Get32(r + 0x30);
+       item.FileCreator = Get32(r + 0x34);
+@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile(
+ 
+     UInt32 size = GetUi32(tableBuf + i * 8 + 4);
+ 
++    if (size > buf.Size() || size > kCompressionBlockSize + 1)
++        return S_FALSE;
++
+     RINOK(ReadStream_FALSE(inStream, buf, size));
+ 
+     if ((buf[0] & 0xF) == 0xF)

srcpkgs/p7zip/patches/CVE-2016-2335.patch

@@ -0,0 +1,17 @@
+Index: CPP/7zip/Archive/Udf/UdfIn.cpp
+===================================================================
+--- CPP/7zip/Archive/Udf/UdfIn.cpp.orig
++++ CPP/7zip/Archive/Udf/UdfIn.cpp
+@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol
+     return S_FALSE;
+   CFile &file = Files.Back();
+   const CLogVol &vol = LogVols[volIndex];
+-  CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex];
++  unsigned partitionRef = lad.Location.PartitionRef;
++
++  if (partitionRef >= vol.PartitionMaps.Size())
++  	return S_FALSE;
++  CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex];
+ 
+   UInt32 key = lad.Location.Pos;
+   UInt32 value;

srcpkgs/p7zip/template

@@ -1,7 +1,7 @@
 # Template file for 'p7zip'
 pkgname=p7zip
 version=15.14.1
-revision=1
+revision=2
 wrksrc="${pkgname}_${version}"
 hostmakedepends="yasm nasm"
 short_desc="Command-line version of the 7zip compressed file archive"