diff options
Diffstat (limited to 'libre/p7zip/CVE-2016-2334.patch')
-rw-r--r-- | libre/p7zip/CVE-2016-2334.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/libre/p7zip/CVE-2016-2334.patch b/libre/p7zip/CVE-2016-2334.patch new file mode 100644 index 000000000..1eb5163cb --- /dev/null +++ b/libre/p7zip/CVE-2016-2334.patch @@ -0,0 +1,24 @@ +Index: p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp +=================================================================== +--- p7zip_15.14.1.orig/CPP/7zip/Archive/HfsHandler.cpp ++++ p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp +@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo + item.GroupID = Get32(r + 0x24); + item.AdminFlags = r[0x28]; + item.OwnerFlags = r[0x29]; ++ */ + item.FileMode = Get16(r + 0x2A); ++ /* + item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount + item.FileType = Get32(r + 0x30); + item.FileCreator = Get32(r + 0x34); +@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile( + + UInt32 size = GetUi32(tableBuf + i * 8 + 4); + ++ if (size > buf.Size() || size > kCompressionBlockSize + 1) ++ return S_FALSE; ++ + RINOK(ReadStream_FALSE(inStream, buf, size)); + + if ((buf[0] & 0xF) == 0xF) |