Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/p7zip/patches/CVE-2016-2334.patch
branchs11u3-sru
changeset 6734 ea93ede4968e 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/p7zip/patches/CVE-2016-2334.patch	Wed Jul 27 11:32:28 2016 -0700
@@ -0,0 +1,30 @@
+This patch was pulled from the p7zip forums at:
+
+https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/1dba/attachment/CVE-2016-2334.patch
+
+This should be part of p7zip 16, once it ships.
+
+Index: p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
+===================================================================
+--- p7zip_15.14.1.orig/CPP/7zip/Archive/HfsHandler.cpp
++++ p7zip_15.14.1/CPP/7zip/Archive/HfsHandler.cpp
+@@ -987,7 +987,9 @@ HRESULT CDatabase::LoadCatalog(const CFo
+       item.GroupID = Get32(r + 0x24);
+       item.AdminFlags = r[0x28];
+       item.OwnerFlags = r[0x29];
++      */
+       item.FileMode = Get16(r + 0x2A);
++      /*
+       item.special.iNodeNum = Get16(r + 0x2C); // or .linkCount
+       item.FileType = Get32(r + 0x30);
+       item.FileCreator = Get32(r + 0x34);
+@@ -1572,6 +1574,9 @@ HRESULT CHandler::ExtractZlibFile(
+ 
+     UInt32 size = GetUi32(tableBuf + i * 8 + 4);
+ 
++    if (size > buf.Size() || size > kCompressionBlockSize + 1)
++        return S_FALSE;
++
+     RINOK(ReadStream_FALSE(inStream, buf, size));
+ 
+     if ((buf[0] & 0xF) == 0xF)
upstream/oracle/userland-gate