From f4ae478fa268f9eab082e5360ee61ae788795a45 Mon Sep 17 00:00:00 2001
From: Helmut Pozimski
Date: Tue, 10 Apr 2018 12:35:06 +0200
Subject: [PATCH] sharutils: add patch for CVE-2018-1000097
---
 srcpkgs/sharutils/patches/CVE-2018-1000097.patch | 15 +++++++++++++++
 srcpkgs/sharutils/template | 2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/sharutils/patches/CVE-2018-1000097.patch
diff --git a/srcpkgs/sharutils/patches/CVE-2018-1000097.patch b/srcpkgs/sharutils/patches/CVE-2018-1000097.patch
new file mode 100644
index 00000000000..6b3999b8a7d
--- /dev/null
+++ b/srcpkgs/sharutils/patches/CVE-2018-1000097.patch
@@ -0,0 +1,15 @@
+From: Petr Pisar
+Subject: Fix CVE-2018-1000097, heap buffer overflow in unshar
+Bug-Debian: https://bugs.debian.org/893525
+
+--- src/unshar.c
++++ src/unshar.c
+@@ -240,7 +240,7 @@
+ off_t position = ftello (file);
+
+ /* Read next line, fail if no more and no previous process. */
+- if (!fgets (rw_buffer, BUFSIZ, file))
++ if (!fgets (rw_buffer, rw_base_size, file))
+ {
+ if (!start)
+ error (0, 0, _("Found no shell commands in %s"), name);
diff --git a/srcpkgs/sharutils/template b/srcpkgs/sharutils/template
index 71ab9ccfec8..aad11adbc7c 100644
--- a/srcpkgs/sharutils/template
+++ b/srcpkgs/sharutils/template
@@ -1,7 +1,7 @@
 # Template file for 'sharutils'
 pkgname=sharutils
 version=4.15.2
-revision=1
+revision=2
 build_style=gnu-configure
 hostmakedepends="perl"
 short_desc="Makes so-called shell archives out of many files"
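Review bot: The new bound in `fgets (rw_buffer, rw_base_size, file)` is only safe if `rw_base_size` is the size `rw_buffer` was actually allocated with and is set before this call. Neither the allocation nor the initialisation is visible in the embedded hunk, because the enclosing function in src/unshar.c starts and ends outside it. The patch changes a single call site, so it is worth checking the rest of unshar.c for other reads into `rw_buffer` that still pass `BUFSIZ`. The embedded patch header gives only the Debian bug link; adding a line such as `Origin: <upstream commit or Debian patch URL>` would let a later version bump verify whether the fix has landed upstream and the patch can be dropped.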