diff --git a/libcdio-NULL-pointer-dereference.patch b/libcdio-NULL-pointer-dereference.patch new file mode 100644 index 0000000..425bd36 --- /dev/null +++ b/libcdio-NULL-pointer-dereference.patch @@ -0,0 +1,32 @@ +From 91637c8319202758f52c6bd31d7264d6b6a74ee1 Mon Sep 17 00:00:00 2001 +From: PHO +Date: Fri, 2 Oct 2015 09:31:46 +0900 +Subject: [PATCH] Fix NULL pointer dereference that occurs when byte swapping + is needed + +cdrom_cache_handler() calls cdio_cddap_read_timed() with buffer == NULL. When this happens on a platform where byte swapping is needed, the latter crashes for dereferencing a NULL pointer. +--- + configure.ac | 14 ++++++---- + lib/cdda_interface/interface.c | 2 +- + test/.gitignore | 5 ++++ + test/Makefile.am | 4 +-- + test/endian.sh.in | 59 ++++++++++++++++++++++++++++++++++++++++++ + 5 files changed, 76 insertions(+), 8 deletions(-) + create mode 100644 test/endian.sh.in + +diff --git a/lib/cdda_interface/interface.c b/lib/cdda_interface/interface.c +index 08a96f3..bfb9ac3 100644 +--- a/lib/cdda_interface/interface.c ++++ b/lib/cdda_interface/interface.c +@@ -155,7 +155,7 @@ cdio_cddap_read_timed(cdrom_drive_t *d, void *buffer, lsn_t beginsector, + if ( d->bigendianp == -1 ) /* not determined yet */ + d->bigendianp = data_bigendianp(d); + +- if ( d->b_swap_bytes && d->bigendianp != bigendianp() ) { ++ if ( buffer && d->b_swap_bytes && d->bigendianp != bigendianp() ) { + int i; + uint16_t *p=(uint16_t *)buffer; + long els=sectors*CDIO_CD_FRAMESIZE_RAW/2; +-- +2.14.2 + diff --git a/libcdio-paranoia.spec b/libcdio-paranoia.spec index fe249dc..5e3c1c5 100644 --- a/libcdio-paranoia.spec +++ b/libcdio-paranoia.spec @@ -1,12 +1,13 @@ Name: libcdio-paranoia Version: 10.2+0.93+1 -Release: 10%{?dist} +Release: 11%{?dist} Summary: CD paranoia on top of libcdio Group: System Environment/Libraries License: GPLv3+ URL: http://www.gnu.org/software/libcdio/ Source0: http://ftp.gnu.org/gnu/libcdio/libcdio-paranoia-%{version}.tar.gz Patch0: libcdio-paranoia-manpage.patch +Patch1: libcdio-NULL-pointer-dereference.patch BuildRequires: pkgconfig BuildRequires: gettext-devel BuildRequires: chrpath @@ -38,6 +39,7 @@ This package contains header files and libraries for %{name}. %prep %setup -q %patch0 -p1 +%patch1 -p1 # fix pkgconfig files sed -i -e 's,-I${includedir},-I${includedir}/cdio,g' libcdio_paranoia.pc.in @@ -69,6 +71,9 @@ cp -a $RPM_BUILD_ROOT%{_includedir}/cdio/paranoia/*.h $RPM_BUILD_ROOT%{_included chrpath --delete $RPM_BUILD_ROOT%{_bindir}/* chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so.* +%check +make %{?_smp_mflags} check + %post -p /sbin/ldconfig %postun -p /sbin/ldconfig @@ -92,6 +97,11 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so.* %changelog +* Tue Oct 17 2017 Marek Kasik - 10.2+0.93+1-11 +- Enable unit tests +- Backport fix for a NULL pointer dereference +- Resolves: #1502655 + * Thu Aug 03 2017 Fedora Release Engineering - 10.2+0.93+1-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild