rpms
/
libsndfile
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix incomplete patch for CVE-2015-7805

This commit is contained in:
Michal Hlavinka 2015-12-17 11:40:39 +01:00
parent 08344da4ba
commit 383e276fa9
2 changed files with 29 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch Normal file
View File

@ -0,0 +1,22 @@
From 53c9f0bcaf20203bb4ee56da760a6e5118e6f93b Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo <erikd@mega-nerd.com>
Date: Mon, 9 Nov 2015 19:18:48 +1100
Subject: [PATCH] src/common.c: Pull fix from 1.0.25
---
src/common.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/common.c b/src/common.c
index c6b88cc..830c43e 100644
--- a/src/common.c
+++ b/src/common.c
@@ -805,7 +805,7 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
{ int most ;
- most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ most = SIGNED_SIZEOF (psf->header) - psf->headend ;
psf_fread (psf->header + psf->headend, 1, most, psf) ;
memcpy (ptr, psf->header + psf->headend, most) ;
psf->headend = psf->headindex += most ;

8
libsndfile.spec
View File

@ -1,7 +1,7 @@
Summary: Library for reading and writing sound files
Name: libsndfile
Version: 1.0.17
Release: 7%{?dist}
Release: 8%{?dist}
License: LGPL
Group: System Environment/Libraries
URL: http://www.mega-nerd.com/libsndfile/
@ -24,7 +24,9 @@ Patch5: libsndfile-1.0.25-zerodivfix.patch
#from upstream, for libsndfile <= 1.0.25, rhbz#1178840
Patch6: libsndfile-1.0.25-cve2014_9496.patch
# 2x from upstream, for <= 1.0.25, rhbz#1277899
Patch7: libsndfile-1.0.25-d2a87385c1ca1d72918e9a2875d24f202a5093e8.patch
Patch8: libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
@ -59,6 +61,7 @@ This package contains files needed to develop with libsndfile.
%patch5 -p1 -b .zerodivfix
%patch6 -p1 -b .cve2014_9496
%patch7 -p1 -b .d2a87385c1ca1d72918e9a2875d24f202a5093e8
%patch8 -p1 -b .53c9f0bcaf20203bb4ee56da760a6e5118e6f93b
%build
%configure --disable-dependency-tracking
@ -106,6 +109,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
* Thu Dec 17 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-8
- fix incomplete patch for CVE-2015-7805
* Fri Nov 06 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-7
- fix CVE-2015-7805: Heap overflow vulnerability when parsing specially
crafted AIFF header