fix static analysis issue in prerequisite patch
resolves: RHEL-65093
This commit is contained in:
Michal Hlavinka
parent
5428dc3f65
commit
cddc4701f9
@ -1,6 +1,6 @@
|
||||
diff -up libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq libsndfile-1.0.28/src/ogg.c
|
||||
--- libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq 2017-04-01 09:18:02.000000000 +0200
|
||||
+++ libsndfile-1.0.28/src/ogg.c 2024-11-25 23:46:59.292296272 +0100
|
||||
+++ libsndfile-1.0.28/src/ogg.c 2024-11-26 15:06:33.595446443 +0100
|
||||
@@ -45,6 +45,16 @@ static int ogg_stream_classify (SF_PRIVA
|
||||
static int ogg_page_classify (SF_PRIVATE * psf, const ogg_page * og) ;
|
||||
|
||||
@ -18,9 +18,23 @@ diff -up libsndfile-1.0.28/src/ogg.c.cve-2024-50612prereq libsndfile-1.0.28/src/
|
||||
ogg_open (SF_PRIVATE *psf)
|
||||
{ OGG_PRIVATE* odata = calloc (1, sizeof (OGG_PRIVATE)) ;
|
||||
sf_count_t pos = psf_ftell (psf) ;
|
||||
diff -up libsndfile-1.0.28/src/ogg.h.cve-2024-50612prereq libsndfile-1.0.28/src/ogg.h
|
||||
--- libsndfile-1.0.28/src/ogg.h.cve-2024-50612prereq 2024-11-26 15:06:45.023560621 +0100
|
||||
+++ libsndfile-1.0.28/src/ogg.h 2024-11-26 15:06:57.731687587 +0100
|
||||
@@ -48,5 +48,10 @@ typedef struct
|
||||
(buf [base] & 0xff))
|
||||
|
||||
|
||||
+/*
|
||||
+** Write the whole Ogg page out. Convenience function as the ogg_page struct
|
||||
+** splits header and body data into separate buffers.
|
||||
+*/
|
||||
+int ogg_write_page (SF_PRIVATE *, ogg_page *) ;
|
||||
|
||||
#endif /* SF_SRC_OGG_H */
|
||||
diff -up libsndfile-1.0.28/src/ogg_vorbis.c.cve-2024-50612prereq libsndfile-1.0.28/src/ogg_vorbis.c
|
||||
--- libsndfile-1.0.28/src/ogg_vorbis.c.cve-2024-50612prereq 2017-04-01 09:18:02.000000000 +0200
|
||||
+++ libsndfile-1.0.28/src/ogg_vorbis.c 2024-11-25 23:49:55.084077011 +0100
|
||||
+++ libsndfile-1.0.28/src/ogg_vorbis.c 2024-11-26 15:06:33.595446443 +0100
|
||||
@@ -423,8 +423,7 @@ vorbis_write_header (SF_PRIVATE *psf, in
|
||||
* audio data will start on a new page, as per spec
|
||||
*/
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Library for reading and writing sound files
|
||||
Name: libsndfile
|
||||
Version: 1.0.28
|
||||
Release: 15%{?dist}
|
||||
Release: 16%{?dist}
|
||||
License: LGPLv2+ and GPLv2+ and BSD
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.mega-nerd.com/libsndfile/
|
||||
@ -180,6 +180,9 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Nov 26 2024 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-16
|
||||
- fix prerequisit patch (#RHEL-65093)
|
||||
|
||||
* Wed Nov 20 2024 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-15
|
||||
- fix crash in ogg vorbis (#RHEL-65093) (CVE-2024-50612)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user