package/p7zip/0001-CVE-2016-9296.patch - buildroot - Git at Google

 From: Robert Luberda <robert@debian.org>
 Date: Sat, 19 Nov 2016 08:48:08 +0100
 Subject: Fix nullptr dereference (CVE-2016-9296)

 Patch taken from https://sourceforge.net/p/p7zip/bugs/185/

 Signed-off-by: André Hentschel <nerv@dawncrow.de>
 ---
  CPP/7zip/Archive/7z/7zIn.cpp | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

 diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp
 index b0c6b98..7c6dde2 100644
 --- a/CPP/7zip/Archive/7z/7zIn.cpp
 +++ b/CPP/7zip/Archive/7z/7zIn.cpp
 @@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams(
        if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
          ThrowIncorrect();
    }
 -  HeadersSize += folders.PackPositions[folders.NumPackStreams];
 +  if (folders.PackPositions)
 +      HeadersSize += folders.PackPositions[folders.NumPackStreams];
    return S_OK;
  }
	From: Robert Luberda <robert@debian.org>
	Date: Sat, 19 Nov 2016 08:48:08 +0100
	Subject: Fix nullptr dereference (CVE-2016-9296)

	Patch taken from https://sourceforge.net/p/p7zip/bugs/185/

	Signed-off-by: André Hentschel <nerv@dawncrow.de>
	---
	CPP/7zip/Archive/7z/7zIn.cpp \| 3 ++-
	1 file changed, 2 insertions(+), 1 deletion(-)

	diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp
	index b0c6b98..7c6dde2 100644
	--- a/CPP/7zip/Archive/7z/7zIn.cpp
	+++ b/CPP/7zip/Archive/7z/7zIn.cpp
	@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams(
	if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
	ThrowIncorrect();
	}
	- HeadersSize += folders.PackPositions[folders.NumPackStreams];
	+ if (folders.PackPositions)
	+ HeadersSize += folders.PackPositions[folders.NumPackStreams];
	return S_OK;
	}