| author | Drew Fisher <drew.fisher@oracle.com> |
| Thu, 29 Sep 2016 08:21:19 -0700 | |
| branch | s11u3-sru |
| changeset 7115 | 0c932cebfc40 |
| parent 6734 | ea93ede4968e |
| permissions | -rw-r--r-- |
|
6734
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
1 |
This patch was pulled from the p7zip forums at: |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
2 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
3 |
https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/1dba/attachment/CVE-2016-2334.patch |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
4 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
5 |
This should be part of p7zip 16, once it ships. |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
6 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
7 |
Index: p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
8 |
=================================================================== |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
9 |
--- p7zip_15.14.1.orig/CPP/7zip/Archive/HfsHandler.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
10 |
+++ p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
11 |
@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
12 |
item.GroupID = Get32(r + 0x24); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
13 |
item.AdminFlags = r[0x28]; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
14 |
item.OwnerFlags = r[0x29]; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
15 |
+ */ |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
16 |
item.FileMode = Get16(r + 0x2A); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
17 |
+ /* |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
18 |
item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
19 |
item.FileType = Get32(r + 0x30); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
20 |
item.FileCreator = Get32(r + 0x34); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
21 |
@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile( |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
22 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
23 |
UInt32 size = GetUi32(tableBuf + i * 8 + 4); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
24 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
25 |
+ if (size > buf.Size() || size > kCompressionBlockSize + 1) |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
26 |
+ return S_FALSE; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
27 |
+ |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
28 |
RINOK(ReadStream_FALSE(inStream, buf, size)); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
29 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
30 |
if ((buf[0] & 0xF) == 0xF) |