fix out-of-bounds read in decoder (CVE-2020-0499)

flac-cve-2020-0499.patch

@@ -0,0 +1,23 @@
+commit 2e7931c27eb15e387da440a37f12437e35b22dd4
+Author: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date:   Mon Oct 7 12:55:58 2019 +1100
+
+    libFLAC/bitreader.c: Fix out-of-bounds read
+    
+    Credit: Oss-Fuzz
+    Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
+    Testcase: fuzzer_decoder-5670265022840832
+
+diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
+index 5e4b5918..3df4d02c 100644
+--- a/src/libFLAC/bitreader.c
++++ b/src/libFLAC/bitreader.c
+@@ -869,7 +869,7 @@ incomplete_lsbs:
+ 			cwords = br->consumed_words;
+ 			words = br->words;
+ 			ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
+-			b = br->buffer[cwords] << br->consumed_bits;
++			b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
+ 		} while(cwords >= words && val < end);
+ 	}
+ 

flac.spec

@@ -25,6 +25,8 @@ BuildRequires: nasm >= 2.0
 %endif
 BuildRequires: make
 
+Patch1: flac-cve-2020-0499.patch
+
 %description
 FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC
 is similar to Ogg Vorbis, but lossless. The FLAC project consists of
@@ -72,6 +74,7 @@ This is the input plugin for XMMS to be able to read FLAC files.
 
 %prep
 %setup -q
+%patch1 -p1 -b .cve-2020-0499
 
 %build
 # use our libtool to avoid problems with RPATH