archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2024-09-19 22:08:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

extra/p7zip to 15.14.1-2

Browse source
This commit is contained in:
David Beauchamp 2016-05-17 18:18:32 -04:00
parent 3106a04787
commit ce90a7a450
3 changed files with 52 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
extra/p7zip/CVE-2016-2334.patch Normal file
View file

@ -0,0 +1,24 @@
Index: p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
===================================================================
--- p7zip_15.14.1.orig/CPP/7zip/Archive/HfsHandler.cpp
+++ p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo
item.GroupID = Get32(r + 0x24);
item.AdminFlags = r[0x28];
item.OwnerFlags = r[0x29];
+ */
item.FileMode = Get16(r + 0x2A);
+ /*
item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount
item.FileType = Get32(r + 0x30);
item.FileCreator = Get32(r + 0x34);
@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile(
UInt32 size = GetUi32(tableBuf + i * 8 + 4);
+ if (size > buf.Size() || size > kCompressionBlockSize + 1)
+ return S_FALSE;
+
RINOK(ReadStream_FALSE(inStream, buf, size));
if ((buf[0] & 0xF) == 0xF)

17
extra/p7zip/CVE-2016-2335.patch Normal file
View file

@ -0,0 +1,17 @@
Index: p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
===================================================================
--- p7zip_15.14.1.orig/CPP/7zip/Archive/Udf/UdfIn.cpp
+++ p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol
return S_FALSE;
CFile &file = Files.Back();
const CLogVol &vol = LogVols[volIndex];
- CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex];
+ unsigned partitionRef = lad.Location.PartitionRef;
+
+ if (partitionRef >= vol.PartitionMaps.Size())
+ return S_FALSE;
+ CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex];
UInt32 key = lad.Location.Pos;
UInt32 value;

14
extra/p7zip/PKGBUILD
View file

@ -11,7 +11,7 @@
pkgname=p7zip pkgname=p7zip
pkgver=15.14.1 pkgver=15.14.1
pkgrel=1 pkgrel=2
pkgdesc="Command-line file archiver with high compression ratio" pkgdesc="Command-line file archiver with high compression ratio"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
url="http://p7zip.sourceforge.net/" url="http://p7zip.sourceforge.net/"
@ -20,13 +20,21 @@ depends=('gcc-libs' 'sh')
makedepends_i686=('nasm') makedepends_i686=('nasm')
makedepends_x86_64=('yasm') makedepends_x86_64=('yasm')
install=$pkgname.install install=$pkgname.install
source=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2) source=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2
sha256sums=('699db4da3621904113e040703220abb1148dfef477b55305e2f14a4f1f8f25d4') CVE-2016-2334.patch
CVE-2016-2335.patch)
sha256sums=('699db4da3621904113e040703220abb1148dfef477b55305e2f14a4f1f8f25d4'
'632cae14095e065cb550b0f16faf39d8f822d0a8bb5b605e903f3bc7657a4ee5'
'368870f92c658e8add261695923470855a969c0d7ecafd880ec7144ac245adbf')
prepare() { prepare() {
cd "$srcdir/${pkgname}_$pkgver" cd "$srcdir/${pkgname}_$pkgver"
cp makefile.linux_any_cpu_gcc_4.X makefile.machine cp makefile.linux_any_cpu_gcc_4.X makefile.machine
# https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/
patch -Np1 -i ../CVE-2016-2334.patch
patch -Np1 -i ../CVE-2016-2335.patch
} }
build() { build() {