From 3e134af85f65c4565010cb5bb8c69107bd03e52d Mon Sep 17 00:00:00 2001
From: Omar Vega Ramos <ovruni@gnu.org.pe>
Date: Mon, 23 Jul 2018 00:11:54 -0500
Subject: p7zip-16.02-5.parabola1: updating version

---
 libre/p7zip/CVE-2017-17969.patch | 26 ++++++++++++++++++++++++++
 libre/p7zip/PKGBUILD             |  7 ++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 libre/p7zip/CVE-2017-17969.patch

diff --git a/libre/p7zip/CVE-2017-17969.patch b/libre/p7zip/CVE-2017-17969.patch
new file mode 100644
index 000000000..ebc0ac93e
--- /dev/null
+++ b/libre/p7zip/CVE-2017-17969.patch
@@ -0,0 +1,26 @@
+From 79bca880ce7bcf07216c45f93afea545e0344418 Mon Sep 17 00:00:00 2001
+From: aone <aone@keka.io>
+Date: Mon, 5 Feb 2018 13:01:09 +0100
+Subject: [PATCH] Security fix CVE-2017-17969
+
+---
+ CPP/7zip/Compress/ShrinkDecoder.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/CPP/7zip/Compress/ShrinkDecoder.cpp b/CPP/7zip/Compress/ShrinkDecoder.cpp
+index 80b7e67..5bb0559 100644
+--- a/CPP/7zip/Compress/ShrinkDecoder.cpp
++++ b/CPP/7zip/Compress/ShrinkDecoder.cpp
+@@ -121,7 +121,12 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
+     {
+       _stack[i++] = _suffixes[cur];
+       cur = _parents[cur];
++	  if (cur >= kNumItems || i >= kNumItems)
++	  	break;
+     }
++	
++	if (cur >= kNumItems || i >= kNumItems)
++		break;
+     
+     _stack[i++] = (Byte)cur;
+     lastChar2 = (Byte)cur;
diff --git a/libre/p7zip/PKGBUILD b/libre/p7zip/PKGBUILD
index f7fbae290..f7c09510a 100644
--- a/libre/p7zip/PKGBUILD
+++ b/libre/p7zip/PKGBUILD
@@ -11,7 +11,7 @@
 _pkgname=p7zip-libre
 pkgname=p7zip
 pkgver=16.02
-pkgrel=3.parabola2
+pkgrel=5.parabola1
 pkgdesc="Command-line file archiver with high compression ratio"
 arch=('i686' 'x86_64' 'armv7h')
 url="http://p7zip.sourceforge.net/"
@@ -25,10 +25,12 @@ install=$pkgname.install
 mksource=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2)
 source=(https://repo.parabola.nu/other/${_pkgname}/${_pkgname}_${pkgver}_src_all.tar.bz2
         CVE-2016-9296.patch
+        CVE-2017-17969.patch
         libre.patch)
 mksha256sums=('5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f')
 sha256sums=('486e5784de9284c7123b401b3f27e684af772d03fc1fb8cdbbefb8123dc9f841'
             'f9bcbf21d4aa8938861a6cba992df13dec19538286e9ed747ccec6d9a4e8f983'
+            'c6af5ba588b8932a5e99f3741fcf1011b7c94b533de903176c7d1d4c02a9ebef'
             'feeeb3b1b7a827b7a675d6c8a363ea6c2499a4f04b3160c7e8d7bba42e0b3c15')
 
 mksource() {
@@ -51,6 +53,9 @@ prepare() {
   # https://sourceforge.net/p/p7zip/bugs/185/
   patch -Np1 -i ../CVE-2016-9296.patch
 
+  # https://sourceforge.net/p/p7zip/bugs/204/
+  patch -Np1 -i ../CVE-2017-17969.patch
+
   if [[ $CARCH = x86_64 ]]; then
     cp makefile.linux_amd64_asm makefile.machine
   elif [[ $CARCH = i686 ]]; then
-- 
cgit v1.2.3