blob: 439f753feccdd4f3bcaf1a133ddf1c3fadbe1f86 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
|
--- p7zip_9.38.1.orig/CPP/7zip/Archive/7z/7zIn.cpp 2015-01-05 18:38:01.000000000 +0000
+++ p7zip_9.38.1/CPP/7zip/Archive/7z/7zIn.cpp 2016-12-05 08:23:08.136926892 +0000
@@ -1142,7 +1142,8 @@
if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
ThrowIncorrect();
}
- HeadersSize += folders.PackPositions[folders.NumPackStreams];
+ if (folders.PackPositions) //this line is fixing CVE-2016-9296 (https://sourceforge.net/p/p7zip/bugs/185)
+ HeadersSize += folders.PackPositions[folders.NumPackStreams];
return S_OK;
}
|
