Package: p7zip-full Version: 9.20.1~dfsg.1-3 Severity: normal Tags: patch Embedded bzip2 decoder doesnt support bzip2 blocks with more than 18002 selectors (bzip2 allows up to 32767 selectors).
How to reproduce: $ (echo QlpoOTFBWSZTWT75kEwAAAJGAAAQAgAMAC//4AAAAAAAAAAAAAAAAAAAAA \ > && echo xxxxxxxxxxxxxxxxxxxxZpoM00Zl4u5IpwoSB98yCY) \ > | sed s/x/xxxxxxxxxxxxxxxx/g \ > | sed s/x/AAAAAAAAAAAAAAAAA/g \ > | base64 -d >payload.bz2 $ bzcat payload.bz2 TEST $ bzip2 -tvvv payload.bz2 payload.bz2: [1: huff+mtf rt+rld {0x3ef9904c, 0x3ef9904c}] combined CRCs: stored = 0x3ef9904c, computed = 0x3ef9904c ok $ 7za x payload.bz2 7-Zip (A) [64] 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18 p7zip Version 9.20 (locale=pl_PL.utf8,Utf16=on,HugeFiles=on,4 CPUs) Processing archive: payload.bz2 Extracting payload Data Error Sub items Errors: 1 -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.39-2-amd64 (SMP w/4 CPU cores) Locale: LANG=pl_PL.utf8, LC_CTYPE=pl_PL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages p7zip-full depends on: ii libc6 2.13-17 Embedded GNU C Library: Shared lib ii libgcc1 1:4.6.1-7 GCC support library ii libstdc++6 4.6.1-7 GNU Standard C++ Library v3 p7zip-full recommends no packages. Versions of packages p7zip-full suggests: pn p7zip-rar <none> (no description available) -- no debconf information
diff -U2 --recursive p7zip-9.20.1~dfsg.1-orig/CPP/7zip/Compress/BZip2Const.h p7zip-9.20.1~dfsg.1/CPP/7zip/Compress/BZip2Const.h --- p7zip-9.20.1~dfsg.1-orig/CPP/7zip/Compress/BZip2Const.h 2011-04-01 21:14:01.000000000 +0200 +++ p7zip-9.20.1~dfsg.1/CPP/7zip/Compress/BZip2Const.h 2011-08-26 23:02:13.875553327 +0200 @@ -46,5 +46,5 @@ const int kNumSelectorsBits = 15; -const UInt32 kNumSelectorsMax = (2 + (kBlockSizeMax / kGroupSize)); +const UInt32 kNumSelectorsMax = 32767; const int kRleModeRepSize = 4;