1 Submitted By: Bruce Dubbs <bdubbs@linuxfromscratch.org>
3 Initial Package Version: 16.02
4 Upstream Status: Unknown.
5 Origin: Arch and Fedora
6 Description: Updates for CVE-2016-9296, CVE-2017-17969, CVE-2018-5996,
7 CVE-2018-10115 and GCC10.
9 diff -Naur p7zip_16.02.orig/CPP/7zip/Archive/7z/7zIn.cpp p7zip_16.02/CPP/7zip/Archive/7z/7zIn.cpp
10 --- p7zip_16.02.orig/CPP/7zip/Archive/7z/7zIn.cpp 2016-05-20 03:20:03.000000000 -0500
11 +++ p7zip_16.02/CPP/7zip/Archive/7z/7zIn.cpp 2020-05-12 15:34:34.513287566 -0500
13 if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
16 - HeadersSize += folders.PackPositions[folders.NumPackStreams];
17 + if (folders.PackPositions)
18 + HeadersSize += folders.PackPositions[folders.NumPackStreams];
22 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.cpp p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.cpp
23 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.cpp 2015-09-01 13:04:52.000000000 -0500
24 +++ p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.cpp 2020-05-12 15:35:00.897548643 -0500
29 -CDecoder::CDecoder(): m_IsSolid(false) { }
30 +CDecoder::CDecoder(): _isSolid(false), _solidAllowed(false), _errorMode(false) { }
32 void CDecoder::InitStructures()
36 void CDecoder::InitData()
41 AvrPlcB = AvrLn1 = AvrLn2 = AvrLn3 = NumHuf = Buf60 = 0;
44 if (inSize == NULL || outSize == NULL)
47 + if (_isSolid && !_solidAllowed)
50 + _solidAllowed = false;
52 if (!m_OutWindowStream.Create(kHistorySize))
54 if (!m_InBitStream.Create(1 << 20))
57 m_UnpackSize = (Int64)*outSize;
58 m_OutWindowStream.SetStream(outStream);
59 - m_OutWindowStream.Init(m_IsSolid);
60 + m_OutWindowStream.Init(_isSolid);
61 m_InBitStream.SetStream(inStream);
64 // CCoderReleaser coderReleaser(this);
84 + _solidAllowed = true;
85 return m_OutWindowStream.Flush();
89 const UInt64 *inSize, const UInt64 *outSize, ICompressProgressInfo *progress)
91 try { return CodeReal(inStream, outStream, inSize, outSize, progress); }
92 - catch(const CInBufferException &e) { return e.ErrorCode; }
93 - catch(const CLzOutWindowException &e) { return e.ErrorCode; }
94 - catch(...) { return S_FALSE; }
95 + catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; }
96 + catch(const CLzOutWindowException &e) { _errorMode = true; return e.ErrorCode; }
97 + catch(...) { _errorMode = true; return S_FALSE; }
100 STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
104 - m_IsSolid = ((data[0] & 1) != 0);
105 + _isSolid = ((data[0] & 1) != 0);
109 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.h p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.h
110 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar1Decoder.h 2014-12-21 06:44:00.000000000 -0600
111 +++ p7zip_16.02/CPP/7zip/Compress/Rar1Decoder.h 2020-05-12 15:35:00.897548643 -0500
118 + bool _solidAllowed;
121 UInt32 ReadBits(int numBits);
122 HRESULT CopyBlock(UInt32 distance, UInt32 len);
123 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.cpp p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.cpp
124 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.cpp 2015-10-03 03:49:14.000000000 -0500
125 +++ p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.cpp 2020-05-12 15:35:00.897548643 -0500
127 static const UInt32 kWindowReservSize = (1 << 22) + 256;
129 CDecoder::CDecoder():
132 + _solidAllowed(false),
139 bool CDecoder::ReadTables(void)
141 + m_TablesOK = false;
143 Byte levelLevels[kLevelTableSize];
144 Byte newLevels[kMaxTableSize];
145 m_AudioMode = (ReadBits(1) == 1);
149 memcpy(m_LastLevels, newLevels, kMaxTableSize);
156 if (inSize == NULL || outSize == NULL)
159 + if (_isSolid && !_solidAllowed)
161 + _solidAllowed = false;
163 if (!m_OutWindowStream.Create(kHistorySize))
164 return E_OUTOFMEMORY;
165 if (!m_InBitStream.Create(1 << 20))
166 @@ -325,12 +335,12 @@
167 UInt64 pos = 0, unPackSize = *outSize;
169 m_OutWindowStream.SetStream(outStream);
170 - m_OutWindowStream.Init(m_IsSolid);
171 + m_OutWindowStream.Init(_isSolid);
172 m_InBitStream.SetStream(inStream);
173 m_InBitStream.Init();
175 // CCoderReleaser coderReleaser(this);
181 @@ -338,12 +348,16 @@
182 if (m_InBitStream.GetProcessedSize() + 2 <= m_PackSize) // test it: probably incorrect;
185 + _solidAllowed = true;
195 UInt64 startPos = m_OutWindowStream.GetProcessedSize();
196 while (pos < unPackSize)
200 if (!ReadLastTables())
203 + _solidAllowed = true;
205 return m_OutWindowStream.Flush();
212 - m_IsSolid = ((data[0] & 1) != 0);
213 + _isSolid = ((data[0] & 1) != 0);
217 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.h p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.h
218 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar2Decoder.h 2015-06-19 05:52:06.000000000 -0500
219 +++ p7zip_16.02/CPP/7zip/Compress/Rar2Decoder.h 2020-05-12 15:35:00.898548653 -0500
221 Byte m_LastLevels[kMaxTableSize];
226 + bool _solidAllowed;
229 void InitStructures();
230 UInt32 ReadBits(unsigned numBits);
231 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.cpp p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.cpp
232 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.cpp 2016-05-20 03:20:03.000000000 -0500
233 +++ p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.cpp 2020-05-12 15:35:00.898548653 -0500
240 + _solidAllowed(false),
243 Ppmd7_Construct(&_ppmd);
249 + TablesRead = false;
259 + if (InputEofError())
264 // original code has check here:
266 RIF(m_LenDecoder.Build(&newLevels[kMainTableSize + kDistTableSize + kAlignTableSize]));
268 memcpy(m_LastLevels, newLevels, kTablesSizesSum);
277 _writtenFileSize = 0;
278 _unsupportedFilter = false;
284 @@ -824,13 +835,21 @@
288 + _errorMode = false;
290 - if (!m_IsSolid || !TablesRead)
295 + if (!_isSolid || !TablesRead)
297 bool keepDecompressing;
298 RINOK(ReadTables(keepDecompressing));
299 if (!keepDecompressing)
301 + _solidAllowed = true;
308 bool keepDecompressing;
313 RINOK(DecodeLZ(keepDecompressing))
317 if (!keepDecompressing)
321 + _solidAllowed = true;
324 UInt64 packSize = m_InBitStream.BitDecoder.GetProcessedSize();
325 RINOK(progress->SetRatioInfo(&packSize, &_writtenFileSize));
330 + if (_isSolid && !_solidAllowed)
332 + _solidAllowed = false;
336 _vmData = (Byte *)::MidAlloc(kVmDataSizeMax + kVmCodeSizeMax);
338 _unpackSize = outSize ? *outSize : (UInt64)(Int64)-1;
339 return CodeReal(progress);
341 - catch(const CInBufferException &e) { return e.ErrorCode; }
342 - catch(...) { return S_FALSE; }
343 + catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; }
344 + catch(...) { _errorMode = true; return S_FALSE; }
345 // CNewException is possible here. But probably CNewException is caused
346 // by error in data stream.
352 - m_IsSolid = ((data[0] & 1) != 0);
353 + _isSolid = ((data[0] & 1) != 0);
357 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.h p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.h
358 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar3Decoder.h 2015-10-03 03:49:12.000000000 -0500
359 +++ p7zip_16.02/CPP/7zip/Compress/Rar3Decoder.h 2020-05-12 15:35:00.898548653 -0500
361 CRecordVector<CTempFilter *> _tempFilters;
366 + bool _solidAllowed;
370 bool _unsupportedFilter;
372 UInt32 PrevAlignCount;
379 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar5Decoder.cpp p7zip_16.02/CPP/7zip/Compress/Rar5Decoder.cpp
380 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar5Decoder.cpp 2016-05-20 03:20:04.000000000 -0500
381 +++ p7zip_16.02/CPP/7zip/Compress/Rar5Decoder.cpp 2020-05-12 15:35:00.899548663 -0500
386 + _solidAllowed(false),
395 + _solidAllowed = true;
399 if (res == S_OK && _unpackSize_Defined && _writtenFileSize != _unpackSize)
405 + if (_isSolid && !_solidAllowed)
407 + _solidAllowed = false;
409 if (_dictSizeLog >= sizeof(size_t) * 8)
412 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/Rar5Decoder.h p7zip_16.02/CPP/7zip/Compress/Rar5Decoder.h
413 --- p7zip_16.02.orig/CPP/7zip/Compress/Rar5Decoder.h 2015-09-01 13:04:50.000000000 -0500
414 +++ p7zip_16.02/CPP/7zip/Compress/Rar5Decoder.h 2020-05-12 15:35:00.899548663 -0500
417 bool _tableWasFilled;
419 + bool _solidAllowed;
422 UInt32 _reps[kNumReps];
423 diff -Naur p7zip_16.02.orig/CPP/7zip/Compress/ShrinkDecoder.cpp p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp
424 --- p7zip_16.02.orig/CPP/7zip/Compress/ShrinkDecoder.cpp 2016-05-18 12:31:02.000000000 -0500
425 +++ p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp 2020-05-12 15:34:45.120392530 -0500
428 _stack[i++] = _suffixes[cur];
430 + if (cur >= kNumItems || i >= kNumItems)
434 + if (cur >= kNumItems || i >= kNumItems)
437 _stack[i++] = (Byte)cur;
438 lastChar2 = (Byte)cur;
439 diff -Naur p7zip_16.02.orig/CPP/Windows/ErrorMsg.cpp p7zip_16.02/CPP/Windows/ErrorMsg.cpp
440 --- p7zip_16.02.orig/CPP/Windows/ErrorMsg.cpp 2015-01-18 12:20:28.000000000 -0600
441 +++ p7zip_16.02/CPP/Windows/ErrorMsg.cpp 2020-05-12 15:37:52.688247586 -0500
446 - case ERROR_NO_MORE_FILES : txt = "No more files"; break ;
447 - case E_NOTIMPL : txt = "E_NOTIMPL"; break ;
448 - case E_NOINTERFACE : txt = "E_NOINTERFACE"; break ;
449 - case E_ABORT : txt = "E_ABORT"; break ;
450 - case E_FAIL : txt = "E_FAIL"; break ;
451 - case STG_E_INVALIDFUNCTION : txt = "STG_E_INVALIDFUNCTION"; break ;
452 - case E_OUTOFMEMORY : txt = "E_OUTOFMEMORY"; break ;
453 - case E_INVALIDARG : txt = "E_INVALIDARG"; break ;
454 - case ERROR_DIRECTORY : txt = "Error Directory"; break ;
455 + case unsigned (ERROR_NO_MORE_FILES) : txt = "No more files"; break ;
456 + case unsigned (E_NOTIMPL) : txt = "E_NOTIMPL"; break ;
457 + case unsigned (E_NOINTERFACE) : txt = "E_NOINTERFACE"; break ;
458 + case unsigned (E_ABORT) : txt = "E_ABORT"; break ;
459 + case unsigned (E_FAIL) : txt = "E_FAIL"; break ;
460 + case unsigned (STG_E_INVALIDFUNCTION) : txt = "STG_E_INVALIDFUNCTION"; break ;
461 + case unsigned (E_OUTOFMEMORY) : txt = "E_OUTOFMEMORY"; break ;
462 + case unsigned (E_INVALIDARG) : txt = "E_INVALIDARG"; break ;
463 + case ERROR_DIRECTORY : txt = "Error Directory"; break ;
465 txt = strerror(errorCode);