From: Robert Luberda <robert@debian.org>
Date: Sat, 19 Nov 2016 08:48:08 +0100
Subject: Fix nullptr dereference (CVE-2016-9296)

Patch taken from https://sourceforge.net/p/p7zip/bugs/185/
This patch file taken from Debian's patch set for p7zip
---
 CPP/7zip/Archive/7z/7zIn.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp
index b0c6b98..7c6dde2 100644
--- a/CPP/7zip/Archive/7z/7zIn.cpp
+++ b/CPP/7zip/Archive/7z/7zIn.cpp
@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams(
       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
         ThrowIncorrect();
   }
-  HeadersSize += folders.PackPositions[folders.NumPackStreams];
+  if (folders.PackPositions)
+      HeadersSize += folders.PackPositions[folders.NumPackStreams];
   return S_OK;
 }
 
put type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>refs</a><a class='active' href='/guix/log/gnu/packages/darwin.scm'>log</a><a href='/guix/tree/gnu/packages/darwin.scm?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>tree</a><a href='/guix/commit/gnu/packages/darwin.scm?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>commit</a><a href='/guix/diff/gnu/packages/darwin.scm?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/darwin.scm'>
<input type='hidden' name='id' value='ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>root</a>/<a href='/guix/log/gnu?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>gnu</a>/<a href='/guix/log/gnu/packages?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>packages</a>/<a href='/guix/log/gnu/packages/darwin.scm?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292'>darwin.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/darwin.scm?id=ee0ef0b58ff3ba4b6b2aa81246a50ab9bf020292&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-06-19 23:14:56 +0200'>2022-06-19</span></td><td><a href='/guix/commit/gnu/packages/darwin.scm?id=d5a9f2a404479c92b109dd14eb6fc597abc11aff'>gnu: Add cctools.</a></td><td>Philip McGrath</td></tr>
env.patch?id=fc92d33932cd3b581c9085c03751ae4f01ade04b&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2023-12-17 01:27:00 -0500'>2023-12-17</span></td><td><a href='/guix/commit/gnu/packages/patches/curl-use-ssl-cert-env.patch?id=bc7713fa8878ab8a2158c8660d9b2bbb8fb2f77e'>gnu: curl: Update to 8.5.0 [security fixes].</a></td><td>John Kehayias</td></tr>
<tr><td><span title='2021-04-02 13:14:23 +0200'>2021-04-02</span></td><td><a href='/guix/commit/gnu/packages/patches/curl-use-ssl-cert-env.patch?id=2e0b1b62e94b926041ca9af70537dd9b3ab64edf'>gnu: curl: Update to 7.76.0 [security fixes].</a></td><td>Léo Le Bouter</td></tr>
<tr><td><span title='2020-01-15 00:25:51 +0100'>2020-01-15</span></td><td><a href='/guix/commit/gnu/packages/patches/curl-use-ssl-cert-env.patch?id=a76a343082d61d5303b61a9e4cbde4ab8515a1e7'>gnu: curl: Make libcurl respect SSL_CERT_DIR and SSL_CERT_FILE.</a></td><td>Jakub Kądziołka</td></tr>