Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/p7zip/patches/CVE-2016-2335.patch
branchs11u3-sru
changeset 6734 ea93ede4968e 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/p7zip/patches/CVE-2016-2335.patch	Wed Jul 27 11:32:28 2016 -0700
@@ -0,0 +1,23 @@
+This patch was pulled from the p7zip forums at:
+
+https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/1dba/attachment/CVE-2016-2335.patch
+
+This should be part of p7zip 16, once it ships.
+
+Index: p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+===================================================================
+--- p7zip_15.14.1.orig/CPP/7zip/Archive/Udf/UdfIn.cpp
++++ p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol
+     return S_FALSE;
+   CFile &file = Files.Back();
+   const CLogVol &vol = LogVols[volIndex];
+-  CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex];
++  unsigned partitionRef = lad.Location.PartitionRef;
++
++  if (partitionRef >= vol.PartitionMaps.Size())
++  	return S_FALSE;
++  CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex];
+ 
+   UInt32 key = lad.Location.Pos;
+   UInt32 value;
upstream/oracle/userland-gate