diff --git a/srcpkgs/p7zip/patches/CVE-2016-2334.patch b/srcpkgs/p7zip/patches/CVE-2016-2334.patch new file mode 100644 index 00000000000..0da72ef9a83 --- /dev/null +++ b/srcpkgs/p7zip/patches/CVE-2016-2334.patch @@ -0,0 +1,24 @@ +Index: CPP/7zip/Archive/HfsHandler.cpp +=================================================================== +--- CPP/7zip/Archive/HfsHandler.cpp.orig ++++ CPP/7zip/Archive/HfsHandler.cpp +@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo + item.GroupID = Get32(r + 0x24); + item.AdminFlags = r[0x28]; + item.OwnerFlags = r[0x29]; ++ */ + item.FileMode = Get16(r + 0x2A); ++ /* + item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount + item.FileType = Get32(r + 0x30); + item.FileCreator = Get32(r + 0x34); +@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile( + + UInt32 size = GetUi32(tableBuf + i * 8 + 4); + ++ if (size > buf.Size() || size > kCompressionBlockSize + 1) ++ return S_FALSE; ++ + RINOK(ReadStream_FALSE(inStream, buf, size)); + + if ((buf[0] & 0xF) == 0xF) diff --git a/srcpkgs/p7zip/patches/CVE-2016-2335.patch b/srcpkgs/p7zip/patches/CVE-2016-2335.patch new file mode 100644 index 00000000000..be0c33234f2 --- /dev/null +++ b/srcpkgs/p7zip/patches/CVE-2016-2335.patch @@ -0,0 +1,17 @@ +Index: CPP/7zip/Archive/Udf/UdfIn.cpp +=================================================================== +--- CPP/7zip/Archive/Udf/UdfIn.cpp.orig ++++ CPP/7zip/Archive/Udf/UdfIn.cpp +@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol + return S_FALSE; + CFile &file = Files.Back(); + const CLogVol &vol = LogVols[volIndex]; +- CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex]; ++ unsigned partitionRef = lad.Location.PartitionRef; ++ ++ if (partitionRef >= vol.PartitionMaps.Size()) ++ return S_FALSE; ++ CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex]; + + UInt32 key = lad.Location.Pos; + UInt32 value; diff --git a/srcpkgs/p7zip/template b/srcpkgs/p7zip/template index d24185ef884..f9b6fa43624 100644 --- a/srcpkgs/p7zip/template +++ b/srcpkgs/p7zip/template @@ -1,7 +1,7 @@ # Template file for 'p7zip' pkgname=p7zip version=15.14.1 -revision=1 +revision=2 wrksrc="${pkgname}_${version}" hostmakedepends="yasm nasm" short_desc="Command-line version of the 7zip compressed file archive"