p7zip: patch for CVE-2016-9296

2016-11-22 02:29:53 +01:00 · 2016-11-22 02:29:53 +01:00 · 169d25b37e
parent c8ceadf4dc
commit 169d25b37e
2 changed files with 13 additions and 1 deletions
--- a/srcpkgs/p7zip/patches/CVE-2016-9296.patch
+++ b/srcpkgs/p7zip/patches/CVE-2016-9296.patch
@ -0,0 +1,12 @@
+--- CPP/7zip/Archive/7z/7zIn.cpp.orig	Sun Nov 20 09:29:41 2016
+++ CPP/7zip/Archive/7z/7zIn.cpp	Sun Nov 20 09:31:22 2016
+@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams(
+       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
+         ThrowIncorrect();
+   }
+-  HeadersSize += folders.PackPositions[folders.NumPackStreams];
+  if (folders.PackPositions)
+      HeadersSize += folders.PackPositions[folders.NumPackStreams];
+   return S_OK;
+ }
+ 
--- a/srcpkgs/p7zip/template
+++ b/srcpkgs/p7zip/template
@ -1,7 +1,7 @@
 # Template file for 'p7zip'
 pkgname=p7zip
 version=16.02
-revision=1
+revision=2
 wrksrc="${pkgname}_${version}"
 hostmakedepends="yasm nasm"
 short_desc="Command-line version of the 7zip compressed file archive"