fix memory leak in parsing of vorbis comments (CVE-2017-6888)

2018-05-02 11:43:33 +02:00 · 2018-05-02 11:43:33 +02:00 · 90de40e55b
commit 90de40e55b
parent 8cf52b6aa2
2 changed files with 25 additions and 0 deletions
--- a/flac-memleak.patch
+++ b/flac-memleak.patch
@ -0,0 +1,22 @@
+commit 4f47b63e9c971e6391590caf00a0f2a5ed612e67
+Author: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date:   Sat Apr 8 18:34:49 2017 +1000
+
+    stream_decoder.c: Fix a memory leak
+    
+    Leak reported by Secunia Research.
+
+diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
+index 14d5fe7f..a5527511 100644
+--- a/src/libFLAC/stream_decoder.c
+++ b/src/libFLAC/stream_decoder.c
+@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
+ 					}
+ 					memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
+ 					if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
+						/* Current i-th entry is bad, so we delete it. */
+						free (obj->comments[i].entry) ;
+						obj->comments[i].entry = NULL ;
+ 						obj->num_comments = i;
+ 						goto skip;
+ 					}
--- a/flac.spec
+++ b/flac.spec
@ -15,6 +15,8 @@ Source0: http://downloads.xiph.org/releases/flac/flac-%{version}.tar.xz
 URL: http://www.xiph.org/flac/
 # use our CFLAGS and don't force SSE intrinsics
 Patch1: flac-cflags.patch
+# fix memory leak in parsing of vorbis comments
+Patch2: flac-memleak.patch
 Requires: %{name}-libs%{?_isa} = %{version}-%{release}
 BuildRequires: libogg-devel
 BuildRequires: automake autoconf libtool gettext-devel doxygen
@ -79,6 +81,7 @@ This is the input plugin for XMMS to be able to read FLAC files.
 %prep
 %setup -q
 %patch1 -p1 -b .cflags
+%patch2 -p1 -b .memleak

 %build
 # use our libtool to avoid problems with RPATH