fix buffer overflow in aiff (CVE-2017-6892,rhbz#1463328)
This commit is contained in:
Michal Hlavinka
parent
1108fba06f
commit
376b103aa2
25
libsndfile-1.0.29-cve2017_6892.patch
Normal file
25
libsndfile-1.0.29-cve2017_6892.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
|
||||
From: Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
Date: Tue, 23 May 2017 20:15:24 +1000
|
||||
Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
|
||||
|
||||
Secunia Advisory SA76717.
|
||||
|
||||
Found by: Laurent Delosieres, Secunia Research at Flexera Software
|
||||
---
|
||||
src/aiff.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/aiff.c b/src/aiff.c
|
||||
index 5b5f9f53..45864b76 100644
|
||||
--- a/src/aiff.c
|
||||
+++ b/src/aiff.c
|
||||
@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
|
||||
psf_binheader_readf (psf, "j", dword - bytesread) ;
|
||||
|
||||
if (map_info->channel_map != NULL)
|
||||
- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
|
||||
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
|
||||
|
||||
free (psf->channel_map) ;
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Library for reading and writing sound files
|
||||
Name: libsndfile
|
||||
Version: 1.0.28
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
License: LGPLv2+ and GPLv2+ and BSD
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.mega-nerd.com/libsndfile/
|
||||
@ -10,6 +10,7 @@ Patch0: libsndfile-1.0.25-system-gsm.patch
|
||||
Patch1: libsndfile-1.0.25-zerodivfix.patch
|
||||
Patch2: revert.patch
|
||||
Patch3: libsndfile-1.0.28-flacbufovfl.patch
|
||||
Patch4: libsndfile-1.0.29-cve2017_6892.patch
|
||||
BuildRequires: alsa-lib-devel
|
||||
BuildRequires: flac-devel
|
||||
BuildRequires: libogg-devel
|
||||
@ -58,6 +59,7 @@ This package contains command line utilities for libsndfile.
|
||||
%patch1 -p1 -b .zerodivfix
|
||||
%patch2 -p1 -b .revert
|
||||
%patch3 -p1 -b .flacbufovfl
|
||||
%patch4 -p1 -b .cve2017_6892
|
||||
rm -r src/GSM610
|
||||
|
||||
%build
|
||||
@ -153,6 +155,9 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Jun 21 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-3
|
||||
- fix buffer overflow in aiff (CVE-2017-6892,rhbz#1463328)
|
||||
|
||||
* Mon Jun 05 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-2
|
||||
- fix flac and pcm buffer overflows (CVE-2017-8361,CVE-2017-8362,CVE-2017-8363,CVE-2017-8365)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user