| author | pkidd <patrick.kidd@oracle.com> |
| Wed, 09 Nov 2016 09:18:21 -0800 | |
| branch | s11u3-sru14-backport |
| changeset 7283 | 645e6b8527b6 |
| parent 6734 | ea93ede4968e |
| permissions | -rw-r--r-- |
|
6734
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
1 |
This patch was pulled from the p7zip forums at: |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
2 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
3 |
https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/1dba/attachment/CVE-2016-2335.patch |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
4 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
5 |
This should be part of p7zip 16, once it ships. |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
6 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
7 |
Index: p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
8 |
=================================================================== |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
9 |
--- p7zip_15.14.1.orig/CPP/7zip/Archive/Udf/UdfIn.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
10 |
+++ p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
11 |
@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
12 |
return S_FALSE; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
13 |
CFile &file = Files.Back(); |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
14 |
const CLogVol &vol = LogVols[volIndex]; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
15 |
- CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex]; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
16 |
+ unsigned partitionRef = lad.Location.PartitionRef; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
17 |
+ |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
18 |
+ if (partitionRef >= vol.PartitionMaps.Size()) |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
19 |
+ return S_FALSE; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
20 |
+ CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex]; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
21 |
|
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
22 |
UInt32 key = lad.Location.Pos; |
|
ea93ede4968e
23313908 problem in UTILITY/P7ZIP
Lukas Rovensky <Lukas.Rovensky@oracle.com>
parents:
diff
changeset
|
23 |
UInt32 value; |