[arch-commits] Commit in p7zip/trunk (3 files)
Evangelos Foutras
foutrelis at archlinux.org
Tue May 17 21:43:53 UTC 2016
Date: Tuesday, May 17, 2016 @ 23:43:53
Author: foutrelis
Revision: 268263
upgpkg: p7zip 15.14.1-2
Add patches for CVE-2016-2334 and CVE-2016-2335.
Added:
p7zip/trunk/CVE-2016-2334.patch
p7zip/trunk/CVE-2016-2335.patch
Modified:
p7zip/trunk/PKGBUILD
---------------------+
CVE-2016-2334.patch | 24 ++++++++++++++++++++++++
CVE-2016-2335.patch | 17 +++++++++++++++++
PKGBUILD | 14 +++++++++++---
3 files changed, 52 insertions(+), 3 deletions(-)
Added: CVE-2016-2334.patch
===================================================================
--- CVE-2016-2334.patch (rev 0)
+++ CVE-2016-2334.patch 2016-05-17 21:43:53 UTC (rev 268263)
@@ -0,0 +1,24 @@
+Index: p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
+===================================================================
+--- p7zip_15.14.1.orig/CPP/7zip/Archive/HfsHandler.cpp
++++ p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
+@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo
+ item.GroupID = Get32(r + 0x24);
+ item.AdminFlags = r[0x28];
+ item.OwnerFlags = r[0x29];
++ */
+ item.FileMode = Get16(r + 0x2A);
++ /*
+ item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount
+ item.FileType = Get32(r + 0x30);
+ item.FileCreator = Get32(r + 0x34);
+@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile(
+
+ UInt32 size = GetUi32(tableBuf + i * 8 + 4);
+
++ if (size > buf.Size() || size > kCompressionBlockSize + 1)
++ return S_FALSE;
++
+ RINOK(ReadStream_FALSE(inStream, buf, size));
+
+ if ((buf[0] & 0xF) == 0xF)
Added: CVE-2016-2335.patch
===================================================================
--- CVE-2016-2335.patch (rev 0)
+++ CVE-2016-2335.patch 2016-05-17 21:43:53 UTC (rev 268263)
@@ -0,0 +1,17 @@
+Index: p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+===================================================================
+--- p7zip_15.14.1.orig/CPP/7zip/Archive/Udf/UdfIn.cpp
++++ p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol
+ return S_FALSE;
+ CFile &file = Files.Back();
+ const CLogVol &vol = LogVols[volIndex];
+- CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex];
++ unsigned partitionRef = lad.Location.PartitionRef;
++
++ if (partitionRef >= vol.PartitionMaps.Size())
++ return S_FALSE;
++ CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex];
+
+ UInt32 key = lad.Location.Pos;
+ UInt32 value;
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-05-17 21:41:51 UTC (rev 268262)
+++ PKGBUILD 2016-05-17 21:43:53 UTC (rev 268263)
@@ -8,7 +8,7 @@
pkgname=p7zip
pkgver=15.14.1
-pkgrel=1
+pkgrel=2
pkgdesc="Command-line file archiver with high compression ratio"
arch=('i686' 'x86_64')
url="http://p7zip.sourceforge.net/"
@@ -17,8 +17,12 @@
makedepends_i686=('nasm')
makedepends_x86_64=('yasm')
install=$pkgname.install
-source=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2)
-sha256sums=('699db4da3621904113e040703220abb1148dfef477b55305e2f14a4f1f8f25d4')
+source=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2
+ CVE-2016-2334.patch
+ CVE-2016-2335.patch)
+sha256sums=('699db4da3621904113e040703220abb1148dfef477b55305e2f14a4f1f8f25d4'
+ '632cae14095e065cb550b0f16faf39d8f822d0a8bb5b605e903f3bc7657a4ee5'
+ '368870f92c658e8add261695923470855a969c0d7ecafd880ec7144ac245adbf')
prepare() {
cd "$srcdir/${pkgname}_$pkgver"
@@ -28,6 +32,10 @@
else
cp makefile.linux_x86_asm_gcc_4.X makefile.machine
fi
+
+ # https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/
+ patch -Np1 -i ../CVE-2016-2334.patch
+ patch -Np1 -i ../CVE-2016-2335.patch
}
build() {
More information about the arch-commits
mailing list