From: Armin Kuster <akuster...@gmail.vom> Signed-off-by: Armin Kuster <akuster...@gmail.vom> --- .../p7zip/files/CVE-2018-5996.patch | 72 +++++++++---------- ...nge_numMethods_from_bool_to_unsigned.patch | 14 ++-- 2 files changed, 44 insertions(+), 42 deletions(-)
diff --git a/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch b/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch index 0de39e78bd..b6deb5d3a7 100644 --- a/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch +++ b/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch @@ -20,10 +20,10 @@ Signed-off-by: Virendra Thakur <virendra.tha...@kpit.com> CPP/7zip/Compress/Rar3Decoder.h | 2 ++ 6 files changed, 42 insertions(+), 8 deletions(-) -diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp -index 1aaedcc..68030c7 100644 ---- a/CPP/7zip/Compress/Rar1Decoder.cpp -+++ b/CPP/7zip/Compress/Rar1Decoder.cpp +Index: p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.cpp +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.cpp ++++ p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.cpp @@ -29,7 +29,7 @@ public: }; */ @@ -33,7 +33,7 @@ index 1aaedcc..68030c7 100644 void CDecoder::InitStructures() { -@@ -406,9 +406,14 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * +@@ -406,9 +406,14 @@ HRESULT CDecoder::CodeReal(ISequentialIn InitData(); if (!m_IsSolid) { @@ -48,7 +48,7 @@ index 1aaedcc..68030c7 100644 if (m_UnpackSize > 0) { GetFlagsBuf(); -@@ -477,9 +482,9 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream +@@ -477,9 +482,9 @@ STDMETHODIMP CDecoder::Code(ISequentialI const UInt64 *inSize, const UInt64 *outSize, ICompressProgressInfo *progress) { try { return CodeReal(inStream, outStream, inSize, outSize, progress); } @@ -61,10 +61,10 @@ index 1aaedcc..68030c7 100644 } STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size) -diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h -index 630f089..01b606b 100644 ---- a/CPP/7zip/Compress/Rar1Decoder.h -+++ b/CPP/7zip/Compress/Rar1Decoder.h +Index: p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.h +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.h ++++ p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.h @@ -39,6 +39,7 @@ public: Int64 m_UnpackSize; @@ -73,11 +73,11 @@ index 630f089..01b606b 100644 UInt32 ReadBits(int numBits); HRESULT CopyBlock(UInt32 distance, UInt32 len); -diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp -index b3f2b4b..0580c8d 100644 ---- a/CPP/7zip/Compress/Rar2Decoder.cpp -+++ b/CPP/7zip/Compress/Rar2Decoder.cpp -@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20; +Index: p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.cpp +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.cpp ++++ p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.cpp +@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << static const UInt32 kWindowReservSize = (1 << 22) + 256; CDecoder::CDecoder(): @@ -87,7 +87,7 @@ index b3f2b4b..0580c8d 100644 { } -@@ -100,6 +101,8 @@ UInt32 CDecoder::ReadBits(unsigned numBits) { return m_InBitStream.ReadBits(numB +@@ -100,6 +101,8 @@ UInt32 CDecoder::ReadBits(unsigned numBi bool CDecoder::ReadTables(void) { @@ -105,7 +105,7 @@ index b3f2b4b..0580c8d 100644 return true; } -@@ -344,6 +349,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * +@@ -344,6 +349,9 @@ HRESULT CDecoder::CodeReal(ISequentialIn return S_FALSE; } @@ -115,10 +115,10 @@ index b3f2b4b..0580c8d 100644 UInt64 startPos = m_OutWindowStream.GetProcessedSize(); while (pos < unPackSize) { -diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h -index 3a0535c..0e9005f 100644 ---- a/CPP/7zip/Compress/Rar2Decoder.h -+++ b/CPP/7zip/Compress/Rar2Decoder.h +Index: p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.h +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.h ++++ p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.h @@ -139,6 +139,7 @@ class CDecoder : UInt64 m_PackSize; @@ -127,10 +127,10 @@ index 3a0535c..0e9005f 100644 void InitStructures(); UInt32 ReadBits(unsigned numBits); -diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp -index 3bf2513..6cb8a6a 100644 ---- a/CPP/7zip/Compress/Rar3Decoder.cpp -+++ b/CPP/7zip/Compress/Rar3Decoder.cpp +Index: p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.cpp +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.cpp ++++ p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.cpp @@ -92,7 +92,8 @@ CDecoder::CDecoder(): _writtenFileSize(0), _vmData(0), @@ -141,7 +141,7 @@ index 3bf2513..6cb8a6a 100644 { Ppmd7_Construct(&_ppmd); } -@@ -545,6 +546,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) +@@ -545,6 +546,9 @@ HRESULT CDecoder::ReadTables(bool &keepD return InitPPM(); } @@ -151,7 +151,7 @@ index 3bf2513..6cb8a6a 100644 _lzMode = true; PrevAlignBits = 0; PrevAlignCount = 0; -@@ -606,6 +610,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) +@@ -606,6 +610,9 @@ HRESULT CDecoder::ReadTables(bool &keepD } } } @@ -161,7 +161,7 @@ index 3bf2513..6cb8a6a 100644 TablesRead = true; // original code has check here: -@@ -623,6 +630,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) +@@ -623,6 +630,9 @@ HRESULT CDecoder::ReadTables(bool &keepD RIF(m_LenDecoder.Build(&newLevels[kMainTableSize + kDistTableSize + kAlignTableSize])); memcpy(m_LastLevels, newLevels, kTablesSizesSum); @@ -171,7 +171,7 @@ index 3bf2513..6cb8a6a 100644 return S_OK; } -@@ -824,7 +834,12 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) +@@ -824,7 +834,12 @@ HRESULT CDecoder::CodeReal(ICompressProg PpmEscChar = 2; PpmError = true; InitFilters(); @@ -184,7 +184,7 @@ index 3bf2513..6cb8a6a 100644 if (!m_IsSolid || !TablesRead) { bool keepDecompressing; -@@ -838,6 +853,8 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) +@@ -838,6 +853,8 @@ HRESULT CDecoder::CodeReal(ICompressProg bool keepDecompressing; if (_lzMode) { @@ -193,7 +193,7 @@ index 3bf2513..6cb8a6a 100644 RINOK(DecodeLZ(keepDecompressing)) } else -@@ -901,8 +918,8 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream +@@ -901,8 +918,8 @@ STDMETHODIMP CDecoder::Code(ISequentialI _unpackSize = outSize ? *outSize : (UInt64)(Int64)-1; return CodeReal(progress); } @@ -204,10 +204,10 @@ index 3bf2513..6cb8a6a 100644 // CNewException is possible here. But probably CNewException is caused // by error in data stream. } -diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h -index c130cec..2f72d7d 100644 ---- a/CPP/7zip/Compress/Rar3Decoder.h -+++ b/CPP/7zip/Compress/Rar3Decoder.h +Index: p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.h +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.h ++++ p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.h @@ -192,6 +192,7 @@ class CDecoder: UInt32 _lastFilter; @@ -223,4 +223,4 @@ index c130cec..2f72d7d 100644 + bool TablesOK; CPpmd7 _ppmd; - int PpmEscChar; \ No newline at end of file + int PpmEscChar; diff --git a/meta-oe/recipes-extended/p7zip/files/change_numMethods_from_bool_to_unsigned.patch b/meta-oe/recipes-extended/p7zip/files/change_numMethods_from_bool_to_unsigned.patch index edde525933..dcde83e8a4 100644 --- a/meta-oe/recipes-extended/p7zip/files/change_numMethods_from_bool_to_unsigned.patch +++ b/meta-oe/recipes-extended/p7zip/files/change_numMethods_from_bool_to_unsigned.patch @@ -12,14 +12,16 @@ use unsigned instead of bool Signed-off-by: Nisha Parrakat <nisha.parra...@kpit.com> Upstream-Status: Pending ---- ./CPP/7zip/Archive/Wim/WimHandler.cpp 2021-05-20 10:51:56.997402701 +0000 -+++ ./CPP/7zip/Archive/Wim/WimHandler.cpp 2021-05-20 10:52:16.665604125 +0000 -@@ -298,7 +298,7 @@ - +Index: p7zip_16.02/CPP/7zip/Archive/Wim/WimHandler.cpp +=================================================================== +--- p7zip_16.02.orig/CPP/7zip/Archive/Wim/WimHandler.cpp ++++ p7zip_16.02/CPP/7zip/Archive/Wim/WimHandler.cpp +@@ -298,7 +298,7 @@ STDMETHODIMP CHandler::GetArchivePropert + AString res; - + - bool numMethods = 0; + unsigned numMethods = 0; for (unsigned i = 0; i < ARRAY_SIZE(k_Methods); i++) { - if (methodMask & ((UInt32)1 << i + if (methodMask & ((UInt32)1 << i)) -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#95943): https://lists.openembedded.org/g/openembedded-devel/message/95943 Mute This Topic: https://lists.openembedded.org/mt/89696360/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-