main/p7zip: security fix for CVE-2016-9296

author: Daniel Sabogal <dsabogalcc@gmail.com> 2016-11-23 20:59:48 -0500
committer: Timo Teräs <timo.teras@iki.fi> 2016-11-24 06:15:04 +0000
commit: ecfd306220e2d69e7c9142030a9f48260dd91f6d (patch)
tree: 0c7f06ca0168abfd7b33fe4e8e49fc159768f27f /main/p7zip/CVE-2016-9296.patch
parent: 49996c01e41bb99a03c156d6beb1991b355cf7b1 (diff)
download: aports-ecfd306220e2d69e7c9142030a9f48260dd91f6d.tar.bz2
aports-ecfd306220e2d69e7c9142030a9f48260dd91f6d.tar.xz
1 files changed, 12 insertions, 0 deletions
diff --git a/main/p7zip/CVE-2016-9296.patch b/main/p7zip/CVE-2016-9296.patch
new file mode 100644
index 0000000000..773f92a46e
--- /dev/null
+++ b/main/p7zip/CVE-2016-9296.patch
@@ -0,0 +1,12 @@
+--- ./CPP/7zip/Archive/7z/7zIn.cpp.orig	2016-11-21 01:42:29.460901230 +0000
++++ ./CPP/7zip/Archive/7z/7zIn.cpp	2016-11-21 01:42:57.481197725 +0000
+@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedS
+       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
+         ThrowIncorrect();
+   }
+-  HeadersSize += folders.PackPositions[folders.NumPackStreams];
++  if (folders.PackPositions)
++      HeadersSize += folders.PackPositions[folders.NumPackStreams];
+   return S_OK;
+ }
+
author	Daniel Sabogal <dsabogalcc@gmail.com>	2016-11-23 20:59:48 -0500
committer	Timo Teräs <timo.teras@iki.fi>	2016-11-24 06:15:04 +0000
commit	ecfd306220e2d69e7c9142030a9f48260dd91f6d (patch)
tree	0c7f06ca0168abfd7b33fe4e8e49fc159768f27f /main/p7zip/CVE-2016-9296.patch
parent	49996c01e41bb99a03c156d6beb1991b355cf7b1 (diff)
download	aports-ecfd306220e2d69e7c9142030a9f48260dd91f6d.tar.bz2 aports-ecfd306220e2d69e7c9142030a9f48260dd91f6d.tar.xz