mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-08-05 21:37:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

main/p7zip: security fix for CVE-2017-17969, modernize

Browse Source
This commit is contained in:
Daniel Sabogal 2018-02-06 09:53:48 -05:00 committed by Timo Teräs
parent 8a00e9f5dc
commit 2c5e07e07d
2 changed files with 34 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
main/p7zip/APKBUILD
View File

@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=p7zip
pkgver=16.02
pkgrel=1
pkgrel=2
pkgdesc="A command-line port of the 7zip compression utility"
url="http://p7zip.sourceforge.net"
arch="all"
@ -12,15 +12,18 @@ subpackages="$pkgname-doc"
depends=""
makedepends="bash yasm nasm"
source="http://downloads.sourceforge.net/sourceforge/$pkgname/${pkgname}_${pkgver}_src_all.tar.bz2
CVE-2016-9296.patch"
CVE-2016-9296.patch
CVE-2017-17969.patch"
builddir="$srcdir/${pkgname}_$pkgver"
# secfixes:
# 16.02-r1:
# - CVE-2016-9296
# 16.02-r2:
# - CVE-2017-17969
prepare() {
default_prepare || return 1
default_prepare
local makefile="makefile.linux_any_cpu_gcc_4.X"
case "$CARCH" in
@ -29,32 +32,34 @@ prepare() {
esac
cd "$builddir"
ln -sf $makefile makefile.machine || return 1
ln -sf $makefile makefile.machine
sed -e "s,g++,${CXX:-g++}," -i makefile.machine
sed -e "s,gcc,${CC:-gcc}," -i makefile.machine
}
check() {
cd "$builddir"
make test
}
build() {
cd "$builddir"
make all3 OPTFLAGS="${CXXFLAGS}" || return 1
make all3 OPTFLAGS="${CXXFLAGS}"
}
package() {
cd "$builddir"
make install DEST_DIR="$pkgdir" DEST_HOME="/usr" \
DEST_MAN="/usr/share/man" \
DEST_SHARE_DOC="/usr/share/doc/$pkgname" || return 1
DEST_SHARE_DOC="/usr/share/doc/$pkgname"
install -Dm755 contrib/gzip-like_CLI_wrapper_for_7z/$pkgname \
"$pkgdir"/usr/bin/$pkgname || return 1
"$pkgdir"/usr/bin/$pkgname
install -Dm644 contrib/gzip-like_CLI_wrapper_for_7z/man1/$pkgname.1 \
"$pkgdir"/usr/share/man/man1/$pkgname.1 || return 1
"$pkgdir"/usr/share/man/man1/$pkgname.1
}
md5sums="a0128d661cfe7cc8c121e73519c54fbf p7zip_16.02_src_all.tar.bz2
0f0535ca888273f3779ca14e8f186813 CVE-2016-9296.patch"
sha256sums="5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f p7zip_16.02_src_all.tar.bz2
f9bcbf21d4aa8938861a6cba992df13dec19538286e9ed747ccec6d9a4e8f983 CVE-2016-9296.patch"
sha512sums="d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f p7zip_16.02_src_all.tar.bz2
7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch"
7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch
22b6437770f2fb70675ed6971239ec3d40d5b9c7e1c5aa28c670d082bd2e7d861863f2f00feacec759eab216081dc49544b980b2ebe9fe40c7d0d1ca1dfc3069 CVE-2017-17969.patch"

16
main/p7zip/CVE-2017-17969.patch Normal file
View File

@ -0,0 +1,16 @@
--- p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp.orig
+++ p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp
@@ -121,7 +121,12 @@
{
_stack[i++] = _suffixes[cur];
cur = _parents[cur];
- }
+ if (i >= kNumItems)
+ break;
+ }
+
+ if (i >= kNumItems)
+ break;
_stack[i++] = (Byte)cur;
lastChar2 = (Byte)cur;