[3.2] p7zip: Null pointer dereference in 7zIn.cpp (CVE-2016-9296)
A null pointer dereference bug affects the current and many old versions
of p7zip.
It is because the lack of check for the array variable
folders.PackPositions after a loop of initialization.
Reference:
https://sourceforge.net/p/p7zip/bugs/185/
https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/
(from redmine: issue id 6513, created on 2016-11-30, closed on 2016-12-15)
- Relations:
- parent #6510 (closed)
- Changesets:
- Revision 3a748737 by Sergei Lukin on 2016-12-07T07:58:53Z:
main/p7zip: security upgrade - fixes #6513
CVE-2016-9296