rpms/libsndfile
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Fix for channel per frame overflow (CVE-2009-0186, #488364)

Browse Source
This commit is contained in:
Michel Alexandre Salim 2010-07-07 23:14:31 +00:00
parent d278c5aaae
commit 23a7f795ec
2 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libsndfile-1.0.17-channels-per-frame-overflow.patch Normal file
View File

@ -0,0 +1,16 @@
diff -up libsndfile-1.0.17/src/caf.c.orig libsndfile-1.0.17/src/caf.c
--- libsndfile-1.0.17/src/caf.c.orig 2006-08-31 11:22:07.000000000 +0200
+++ libsndfile-1.0.17/src/caf.c 2010-07-07 15:25:35.579607380 +0200
@@ -282,6 +282,11 @@ caf_read_header (SF_PRIVATE *psf)
" Frames / packet : %u\n Channels / frame : %u\n Bits / channel : %u\n",
desc.fmt_id, desc.fmt_flags, desc.pkt_bytes, desc.pkt_frames, desc.channels_per_frame, desc.bits_per_chan) ;
+ if (desc.channels_per_frame > 200)
+ { psf_log_printf (psf, "**** Bad channels per frame value %u.\n", desc.channels_per_frame) ;
+ return SFE_MALFORMED_FILE ;
+ } ;
+
if (chunk_size > SIGNED_SIZEOF (DESC_CHUNK))
psf_binheader_readf (psf, "j", (int) (chunk_size - sizeof (DESC_CHUNK))) ;

9
libsndfile.spec
View File

@ -1,13 +1,14 @@
Summary: Library for reading and writing sound files Summary: Library for reading and writing sound files
Name: libsndfile Name: libsndfile
Version: 1.0.17 Version: 1.0.17
Release: 2%{?dist} Release: 3%{?dist}
License: LGPL License: LGPL
Group: System Environment/Libraries Group: System Environment/Libraries
URL: http://www.mega-nerd.com/libsndfile/ URL: http://www.mega-nerd.com/libsndfile/
Source0: http://www.mega-nerd.com/libsndfile/libsndfile-%{version}.tar.gz Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Patch0: libsndfile-1.0.17+flac-1.1.3.patch Patch0: libsndfile-1.0.17+flac-1.1.3.patch
Patch1: libsndfile-1.0.17-flac-buffer-overflow.patch Patch1: libsndfile-1.0.17-flac-buffer-overflow.patch
Patch2: libsndfile-1.0.17-channels-per-frame-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
BuildRequires: alsa-lib-devel BuildRequires: alsa-lib-devel
@ -35,6 +36,7 @@ This package contains files needed to develop with libsndfile.
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
%build %build
%configure --disable-dependency-tracking %configure --disable-dependency-tracking
@ -82,6 +84,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Thu Jul 8 2010 Michel Salim <salimma@fedoraproject.org> - 1.0.17-3
- Fix for channel per frame overflow (CVE-2009-0186, #488364)
* Thu Sep 20 2007 Andreas Thienemann <andreas@bawue.net> - 1.0.17-2 * Thu Sep 20 2007 Andreas Thienemann <andreas@bawue.net> - 1.0.17-2
- Adding FLAC support to libsndfile courtesy of gentoo, #237575 - Adding FLAC support to libsndfile courtesy of gentoo, #237575
- Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221 - Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221