From 2da69a08ce12325672e852ac2980ad25301242f6 Mon Sep 17 00:00:00 2001
From: André Fabian Silva Delgado <emulatorman@parabola.nu>
Date: Wed, 18 May 2016 13:56:12 -0300
Subject: p7zip-15.14.1-2.parabola1: add patches for CVE-2016-2334 and
 CVE-2016-2335

---
 libre/p7zip/CVE-2016-2335.patch | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 libre/p7zip/CVE-2016-2335.patch

(limited to 'libre/p7zip/CVE-2016-2335.patch')

diff --git a/libre/p7zip/CVE-2016-2335.patch b/libre/p7zip/CVE-2016-2335.patch
new file mode 100644
index 000000000..a00d6a386
--- /dev/null
+++ b/libre/p7zip/CVE-2016-2335.patch
@@ -0,0 +1,17 @@
+Index: p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+===================================================================
+--- p7zip_15.14.1.orig/CPP/7zip/Archive/Udf/UdfIn.cpp
++++ p7zip_15.14.1/CPP/7zip/Archive/Udf/UdfIn.cpp
+@@ -389,7 +389,11 @@ HRESULT CInArchive::ReadFileItem(int vol
+     return S_FALSE;
+   CFile &file = Files.Back();
+   const CLogVol &vol = LogVols[volIndex];
+-  CPartition &partition = Partitions[vol.PartitionMaps[lad.Location.PartitionRef].PartitionIndex];
++  unsigned partitionRef = lad.Location.PartitionRef;
++
++  if (partitionRef >= vol.PartitionMaps.Size())
++  	return S_FALSE;
++  CPartition &partition = Partitions[vol.PartitionMaps[partitionRef].PartitionIndex];
+ 
+   UInt32 key = lad.Location.Pos;
+   UInt32 value;
-- 
cgit v1.2.3-54-g00ecf