From 109c6a40a7ccc54493aba9952b87feacd1db4647 Mon Sep 17 00:00:00 2001
From: sevan <sevan@pkgsrc.org>
Date: Wed, 30 Nov 2016 14:29:09 +0000
Subject: Add patch for CVE-2016-9296 https://sourceforge.net/p/p7zip/bugs/185/
 Bump rev

---
 archivers/p7zip/Makefile                                   |  3 ++-
 archivers/p7zip/distinfo                                   |  3 ++-
 archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp | 14 ++++++++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp

(limited to 'archivers')

diff --git a/archivers/p7zip/Makefile b/archivers/p7zip/Makefile
index 5225c9558e3..5801b9e12e1 100644
--- a/archivers/p7zip/Makefile
+++ b/archivers/p7zip/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.63 2016/07/19 08:26:10 mef Exp $
+# $NetBSD: Makefile,v 1.64 2016/11/30 14:29:09 sevan Exp $
 
 DISTNAME=	p7zip_16.02_src_all
 PKGNAME=	${DISTNAME:S/_src_all//S/_/-/}
+PKGREVISION=	1
 CATEGORIES=	archivers
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=p7zip/}
 EXTRACT_SUFX=	.tar.bz2
diff --git a/archivers/p7zip/distinfo b/archivers/p7zip/distinfo
index 6edea56a6f9..d3835969ad9 100644
--- a/archivers/p7zip/distinfo
+++ b/archivers/p7zip/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.50 2016/07/19 08:26:10 mef Exp $
+$NetBSD: distinfo,v 1.51 2016/11/30 14:29:09 sevan Exp $
 
 SHA1 (p7zip_16.02_src_all.tar.bz2) = e8819907132811aa1afe5ef296181d3a15cc8f22
 RMD160 (p7zip_16.02_src_all.tar.bz2) = 03550898e45b3eabe4ea0df5ee3787bd8f179fd0
 SHA512 (p7zip_16.02_src_all.tar.bz2) = d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f
 Size (p7zip_16.02_src_all.tar.bz2) = 4239909 bytes
+SHA1 (patch-CPP_7zip_Archive_7z_7zIn.cpp) = cce409d45be6ae8e96314dad1c51d9feb09bc817
 SHA1 (patch-CPP_Windows_DLL.cpp) = 12fb3f3cf4d32b8848f741dde6bcb0e56a9c6745
 SHA1 (patch-aa) = 9c103fa831cc6ff099e3a604c763ff416f1b48ec
 SHA1 (patch-ab) = c680fb037b9ef5e19e4c8dc71dd710598277a61b
diff --git a/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp b/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp
new file mode 100644
index 00000000000..15387f23b80
--- /dev/null
+++ b/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp
@@ -0,0 +1,14 @@
+$NetBSD: patch-CPP_7zip_Archive_7z_7zIn.cpp,v 1.1 2016/11/30 14:29:09 sevan Exp $
+
+CVE-2016-9296 https://sourceforge.net/p/p7zip/bugs/185/
+
+--- CPP/7zip/Archive/7z/7zIn.cpp.orig	2016-11-30 14:19:04.000000000 +0000
++++ CPP/7zip/Archive/7z/7zIn.cpp
+@@ -1097,6 +1097,7 @@ HRESULT CInArchive::ReadAndDecodePackedS
+       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
+         ThrowIncorrect();
+   }
++if (folders.PackPositions)
+   HeadersSize += folders.PackPositions[folders.NumPackStreams];
+   return S_OK;
+ }
-- 
cgit v1.2.3