fix incomplete patch for CVE-2015-7805

crafted AIFF header

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: libsndfile
-# $Id$
-NAME := libsndfile
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON	:= $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attept a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

libsndfile-1.0.17+flac-1.1.3.patch

@@ -0,0 +1,478 @@
+diff -ru libsndfile-1.0.17/configure.ac libsndfile-1.0.17-b2/configure.ac
+--- libsndfile-1.0.17/configure.ac	2006-08-31 02:39:37.000000000 -0700
++++ libsndfile-1.0.17-b2/configure.ac	2006-10-27 08:54:45.000000000 -0700
+@@ -339,7 +339,8 @@
+ 		if test "x$HAVE_FLAC_1_1_1" = xyes ; then
+ 			AC_DEFINE(HAVE_FLAC_1_1_1, [1], [Define to 1 if you have libflac 1.1.1])
+ 			fi
+-		FLAC_LIBS="-lFLAC"
++		# in FLAC 1.1.3 libOggFLAC was merged into libFLAC, hence we need -logg
++		FLAC_LIBS="-lFLAC -logg"
+ 		fi
+ 	fi
+ 
+diff -ru libsndfile-1.0.17/src/flac.c libsndfile-1.0.17-b2/src/flac.c
+--- libsndfile-1.0.17/src/flac.c	2006-08-31 02:22:19.000000000 -0700
++++ libsndfile-1.0.17-b2/src/flac.c	2006-10-27 08:47:36.000000000 -0700
+@@ -46,6 +46,13 @@
+ #include	"sfendian.h"
+ #include	"float_cast.h"
+ 
++/* FLAC 1.1.3 has FLAC_API_VERSION_CURRENT == 8 */
++#if !defined(FLAC_API_VERSION_CURRENT) || FLAC_API_VERSION_CURRENT < 8
++#define LEGACY_FLAC
++#else
++#undef LEGACY_FLAC
++#endif
++
+ /*------------------------------------------------------------------------------
+ ** Private static functions.
+ */
+@@ -60,8 +67,14 @@
+ } PFLAC_PCM ;
+ 
+ typedef struct
+-{	FLAC__SeekableStreamDecoder *fsd ;
++{
++#ifdef LEGACY_FLAC
++	FLAC__SeekableStreamDecoder *fsd ;
+ 	FLAC__SeekableStreamEncoder *fse ;
++#else
++	FLAC__StreamDecoder *fsd ;
++	FLAC__StreamEncoder *fse ;
++#endif
+ 	PFLAC_PCM pcmtype ;
+ 	void* ptr ;
+ 	unsigned pos, len, remain ;
+@@ -108,6 +121,7 @@
+ static int flac_command (SF_PRIVATE *psf, int command, void *data, int datasize) ;
+ 
+ /* Decoder Callbacks */
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamDecoderReadStatus sf_flac_read_callback (const FLAC__SeekableStreamDecoder *decoder, FLAC__byte buffer [], unsigned *bytes, void *client_data) ;
+ static FLAC__SeekableStreamDecoderSeekStatus sf_flac_seek_callback (const FLAC__SeekableStreamDecoder *decoder, FLAC__uint64 absolute_byte_offset, void *client_data) ;
+ static FLAC__SeekableStreamDecoderTellStatus sf_flac_tell_callback (const FLAC__SeekableStreamDecoder *decoder, FLAC__uint64 *absolute_byte_offset, void *client_data) ;
+@@ -116,13 +130,29 @@
+ static FLAC__StreamDecoderWriteStatus sf_flac_write_callback (const FLAC__SeekableStreamDecoder *decoder, const FLAC__Frame *frame, const FLAC__int32 * const buffer [], void *client_data) ;
+ static void sf_flac_meta_callback (const FLAC__SeekableStreamDecoder *decoder, const FLAC__StreamMetadata *metadata, void *client_data) ;
+ static void sf_flac_error_callback (const FLAC__SeekableStreamDecoder *decoder, FLAC__StreamDecoderErrorStatus status, void *client_data) ;
++#else
++static FLAC__StreamDecoderReadStatus sf_flac_read_callback (const FLAC__StreamDecoder *decoder, FLAC__byte buffer [], size_t *bytes, void *client_data) ;
++static FLAC__StreamDecoderSeekStatus sf_flac_seek_callback (const FLAC__StreamDecoder *decoder, FLAC__uint64 absolute_byte_offset, void *client_data) ;
++static FLAC__StreamDecoderTellStatus sf_flac_tell_callback (const FLAC__StreamDecoder *decoder, FLAC__uint64 *absolute_byte_offset, void *client_data) ;
++static FLAC__StreamDecoderLengthStatus sf_flac_length_callback (const FLAC__StreamDecoder *decoder, FLAC__uint64 *stream_length, void *client_data) ;
++static FLAC__bool sf_flac_eof_callback (const FLAC__StreamDecoder *decoder, void *client_data) ;
++static FLAC__StreamDecoderWriteStatus sf_flac_write_callback (const FLAC__StreamDecoder *decoder, const FLAC__Frame *frame, const FLAC__int32 * const buffer [], void *client_data) ;
++static void sf_flac_meta_callback (const FLAC__StreamDecoder *decoder, const FLAC__StreamMetadata *metadata, void *client_data) ;
++static void sf_flac_error_callback (const FLAC__StreamDecoder *decoder, FLAC__StreamDecoderErrorStatus status, void *client_data) ;
++#endif
+ 
+ /* Encoder Callbacks */
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamEncoderSeekStatus sf_flac_enc_seek_callback (const FLAC__SeekableStreamEncoder *encoder, FLAC__uint64 absolute_byte_offset, void *client_data) ;
+ #ifdef HAVE_FLAC_1_1_1
+ static FLAC__SeekableStreamEncoderTellStatus sf_flac_enc_tell_callback (const FLAC__SeekableStreamEncoder *encoder, FLAC__uint64 *absolute_byte_offset, void *client_data) ;
+ #endif
+ static FLAC__StreamEncoderWriteStatus sf_flac_enc_write_callback (const FLAC__SeekableStreamEncoder *encoder, const FLAC__byte buffer [], unsigned bytes, unsigned samples, unsigned current_frame, void *client_data) ;
++#else
++static FLAC__StreamEncoderSeekStatus sf_flac_enc_seek_callback (const FLAC__StreamEncoder *encoder, FLAC__uint64 absolute_byte_offset, void *client_data) ;
++static FLAC__StreamEncoderTellStatus sf_flac_enc_tell_callback (const FLAC__StreamEncoder *encoder, FLAC__uint64 *absolute_byte_offset, void *client_data) ;
++static FLAC__StreamEncoderWriteStatus sf_flac_enc_write_callback (const FLAC__StreamEncoder *encoder, const FLAC__byte buffer [], size_t bytes, unsigned samples, unsigned current_frame, void *client_data) ;
++#endif
+ 
+ static const int legal_sample_rates [] =
+ {	8000, 16000, 22050, 24000, 32000, 44100, 48000, 96000
+@@ -283,51 +313,99 @@
+ } /* flac_buffer_copy */
+ 
+ 
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamDecoderReadStatus
+ sf_flac_read_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), FLAC__byte buffer [], unsigned *bytes, void *client_data)
++#else
++static FLAC__StreamDecoderReadStatus
++sf_flac_read_callback (const FLAC__StreamDecoder * UNUSED (decoder), FLAC__byte buffer [], size_t *bytes, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	*bytes = psf_fread (buffer, 1, *bytes, psf) ;
+ 	if (*bytes > 0 && psf->error == 0)
++#ifdef LEGACY_FLAC
+ 		return FLAC__SEEKABLE_STREAM_DECODER_READ_STATUS_OK ;
+ 
+     return FLAC__SEEKABLE_STREAM_DECODER_READ_STATUS_ERROR ;
++#else
++		return FLAC__STREAM_DECODER_READ_STATUS_CONTINUE ;
++
++    return FLAC__STREAM_DECODER_READ_STATUS_ABORT ;
++#endif
+ } /* sf_flac_read_callback */
+ 
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamDecoderSeekStatus
+ sf_flac_seek_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), FLAC__uint64 absolute_byte_offset, void *client_data)
++#else
++static FLAC__StreamDecoderSeekStatus
++sf_flac_seek_callback (const FLAC__StreamDecoder * UNUSED (decoder), FLAC__uint64 absolute_byte_offset, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	psf_fseek (psf, absolute_byte_offset, SEEK_SET) ;
+ 	if (psf->error)
++#ifdef LEGACY_FLAC
+ 		return FLAC__SEEKABLE_STREAM_DECODER_SEEK_STATUS_ERROR ;
+ 
+ 	return FLAC__SEEKABLE_STREAM_DECODER_SEEK_STATUS_OK ;
++#else
++		return FLAC__STREAM_DECODER_SEEK_STATUS_ERROR ;
++
++	return FLAC__STREAM_DECODER_SEEK_STATUS_OK ;
++#endif
+ } /* sf_flac_seek_callback */
+ 
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamDecoderTellStatus
+ sf_flac_tell_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), FLAC__uint64 *absolute_byte_offset, void *client_data)
++#else
++static FLAC__StreamDecoderTellStatus
++sf_flac_tell_callback (const FLAC__StreamDecoder * UNUSED (decoder), FLAC__uint64 *absolute_byte_offset, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	*absolute_byte_offset = psf_ftell (psf) ;
+ 	if (psf->error)
++#ifdef LEGACY_FLAC
+ 		return FLAC__SEEKABLE_STREAM_DECODER_TELL_STATUS_ERROR ;
+ 
+ 	return FLAC__SEEKABLE_STREAM_DECODER_TELL_STATUS_OK ;
++#else
++		return FLAC__STREAM_DECODER_TELL_STATUS_ERROR ;
++
++	return FLAC__STREAM_DECODER_TELL_STATUS_OK ;
++#endif
+ } /* sf_flac_tell_callback */
+ 
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamDecoderLengthStatus
+ sf_flac_length_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), FLAC__uint64 *stream_length, void *client_data)
++#else
++static FLAC__StreamDecoderLengthStatus
++sf_flac_length_callback (const FLAC__StreamDecoder * UNUSED (decoder), FLAC__uint64 *stream_length, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	if ((*stream_length = psf->filelength) == 0)
++#ifdef LEGACY_FLAC
+ 		return FLAC__SEEKABLE_STREAM_DECODER_LENGTH_STATUS_ERROR ;
+ 
+ 	return FLAC__SEEKABLE_STREAM_DECODER_LENGTH_STATUS_OK ;
++#else
++		return FLAC__STREAM_DECODER_LENGTH_STATUS_ERROR ;
++
++	return FLAC__STREAM_DECODER_LENGTH_STATUS_OK ;
++#endif
+ } /* sf_flac_length_callback */
+ 
+ static FLAC__bool
++#ifdef LEGACY_FLAC
+ sf_flac_eof_callback (const FLAC__SeekableStreamDecoder *UNUSED (decoder), void *client_data)
++#else
++sf_flac_eof_callback (const FLAC__StreamDecoder *UNUSED (decoder), void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	if (psf_ftell (psf) == psf->filelength)
+@@ -337,7 +415,11 @@
+ } /* sf_flac_eof_callback */
+ 
+ static FLAC__StreamDecoderWriteStatus
++#ifdef LEGACY_FLAC
+ sf_flac_write_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), const FLAC__Frame *frame, const FLAC__int32 * const buffer [], void *client_data)
++#else
++sf_flac_write_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC__Frame *frame, const FLAC__int32 * const buffer [], void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 	FLAC_PRIVATE* pflac = (FLAC_PRIVATE*) psf->codec_data ;
+ 
+@@ -353,7 +435,11 @@
+ } /* sf_flac_write_callback */
+ 
+ static void
++#ifdef LEGACY_FLAC
+ sf_flac_meta_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), const FLAC__StreamMetadata *metadata, void *client_data)
++#else
++sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC__StreamMetadata *metadata, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	switch (metadata->type)
+@@ -387,7 +473,11 @@
+ } /* sf_flac_meta_callback */
+ 
+ static void
++#ifdef LEGACY_FLAC
+ sf_flac_error_callback (const FLAC__SeekableStreamDecoder * UNUSED (decoder), FLAC__StreamDecoderErrorStatus status, void *client_data)
++#else
++sf_flac_error_callback (const FLAC__StreamDecoder * UNUSED (decoder), FLAC__StreamDecoderErrorStatus status, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	psf_log_printf (psf, "ERROR : %s\n", FLAC__StreamDecoderErrorStatusString [status]) ;
+@@ -407,17 +497,29 @@
+ 	return ;
+ } /* sf_flac_error_callback */
+ 
++#ifdef LEGACY_FLAC
+ static FLAC__SeekableStreamEncoderSeekStatus
+ sf_flac_enc_seek_callback (const FLAC__SeekableStreamEncoder * UNUSED (encoder), FLAC__uint64 absolute_byte_offset, void *client_data)
++#else
++static FLAC__StreamEncoderSeekStatus
++sf_flac_enc_seek_callback (const FLAC__StreamEncoder * UNUSED (encoder), FLAC__uint64 absolute_byte_offset, void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	psf_fseek (psf, absolute_byte_offset, SEEK_SET) ;
+ 	if (psf->error)
++#ifdef LEGACY_FLAC
+ 		return FLAC__SEEKABLE_STREAM_ENCODER_SEEK_STATUS_ERROR ;
+ 
+     return FLAC__SEEKABLE_STREAM_ENCODER_SEEK_STATUS_OK ;
++#else
++		return FLAC__STREAM_ENCODER_SEEK_STATUS_ERROR ;
++
++    return FLAC__STREAM_ENCODER_SEEK_STATUS_OK ;
++#endif
+ } /* sf_flac_enc_seek_callback */
+ 
++#ifdef LEGACY_FLAC
+ #ifdef HAVE_FLAC_1_1_1
+ static FLAC__SeekableStreamEncoderTellStatus
+ sf_flac_enc_tell_callback (const FLAC__SeekableStreamEncoder *UNUSED (encoder), FLAC__uint64 *absolute_byte_offset, void *client_data)
+@@ -430,9 +532,25 @@
+ 	return FLAC__SEEKABLE_STREAM_ENCODER_TELL_STATUS_OK ;
+ } /* sf_flac_enc_tell_callback */
+ #endif
++#else
++static FLAC__StreamEncoderTellStatus
++sf_flac_enc_tell_callback (const FLAC__StreamEncoder *UNUSED (encoder), FLAC__uint64 *absolute_byte_offset, void *client_data)
++{	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
++
++	*absolute_byte_offset = psf_ftell (psf) ;
++	if (psf->error)
++		return FLAC__STREAM_ENCODER_TELL_STATUS_ERROR ;
++
++	return FLAC__STREAM_ENCODER_TELL_STATUS_OK ;
++} /* sf_flac_enc_tell_callback */
++#endif
+ 
+ static FLAC__StreamEncoderWriteStatus
++#ifdef LEGACY_FLAC
+ sf_flac_enc_write_callback (const FLAC__SeekableStreamEncoder * UNUSED (encoder), const FLAC__byte buffer [], unsigned bytes, unsigned UNUSED (samples), unsigned UNUSED (current_frame), void *client_data)
++#else
++sf_flac_enc_write_callback (const FLAC__StreamEncoder * UNUSED (encoder), const FLAC__byte buffer [], size_t bytes, unsigned UNUSED (samples), unsigned UNUSED (current_frame), void *client_data)
++#endif
+ {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
+ 
+ 	if (psf_fwrite (buffer, 1, bytes, psf) == bytes && psf->error == 0)
+@@ -509,15 +627,27 @@
+ 		return 0 ;
+ 
+ 	if (psf->mode == SFM_WRITE)
+-	{	FLAC__seekable_stream_encoder_finish (pflac->fse) ;
++	{
++#ifdef LEGACY_FLAC
++		FLAC__seekable_stream_encoder_finish (pflac->fse) ;
+ 		FLAC__seekable_stream_encoder_delete (pflac->fse) ;
++#else
++		FLAC__stream_encoder_finish (pflac->fse) ;
++		FLAC__stream_encoder_delete (pflac->fse) ;
++#endif
+ 		if (pflac->encbuffer)
+ 			free (pflac->encbuffer) ;
+ 		} ;
+ 
+ 	if (psf->mode == SFM_READ)
+-	{	FLAC__seekable_stream_decoder_finish (pflac->fsd) ;
++	{
++#ifdef LEGACY_FLAC
++		FLAC__seekable_stream_decoder_finish (pflac->fsd) ;
+ 		FLAC__seekable_stream_decoder_delete (pflac->fsd) ;
++#else
++		FLAC__stream_decoder_finish (pflac->fsd) ;
++		FLAC__stream_decoder_delete (pflac->fsd) ;
++#endif
+ 		} ;
+ 
+ 	for (k = 0 ; k < ARRAY_LEN (pflac->rbuffer) ; k++)
+@@ -546,17 +676,6 @@
+ 		return SFE_FLAC_BAD_SAMPLE_RATE ;
+ 
+ 	psf_fseek (psf, 0, SEEK_SET) ;
+-	if ((pflac->fse = FLAC__seekable_stream_encoder_new ()) == NULL)
+-		return SFE_FLAC_NEW_DECODER ;
+-	FLAC__seekable_stream_encoder_set_write_callback (pflac->fse, sf_flac_enc_write_callback) ;
+-	FLAC__seekable_stream_encoder_set_seek_callback (pflac->fse, sf_flac_enc_seek_callback) ;
+-
+-#ifdef HAVE_FLAC_1_1_1
+-	FLAC__seekable_stream_encoder_set_tell_callback (pflac->fse, sf_flac_enc_tell_callback) ;
+-#endif
+-	FLAC__seekable_stream_encoder_set_client_data (pflac->fse, psf) ;
+-	FLAC__seekable_stream_encoder_set_channels (pflac->fse, psf->sf.channels) ;
+-	FLAC__seekable_stream_encoder_set_sample_rate (pflac->fse, psf->sf.samplerate) ;
+ 
+ 	switch (psf->sf.format & SF_FORMAT_SUBMASK)
+ 	{	case SF_FORMAT_PCM_S8 :
+@@ -574,12 +693,36 @@
+ 			break ;
+ 		} ;
+ 
++#ifdef LEGACY_FLAC
++	if ((pflac->fse = FLAC__seekable_stream_encoder_new ()) == NULL)
++		return SFE_FLAC_NEW_DECODER ;
++	FLAC__seekable_stream_encoder_set_write_callback (pflac->fse, sf_flac_enc_write_callback) ;
++	FLAC__seekable_stream_encoder_set_seek_callback (pflac->fse, sf_flac_enc_seek_callback) ;
++
++#ifdef HAVE_FLAC_1_1_1
++	FLAC__seekable_stream_encoder_set_tell_callback (pflac->fse, sf_flac_enc_tell_callback) ;
++#endif
++	FLAC__seekable_stream_encoder_set_client_data (pflac->fse, psf) ;
++	FLAC__seekable_stream_encoder_set_channels (pflac->fse, psf->sf.channels) ;
++	FLAC__seekable_stream_encoder_set_sample_rate (pflac->fse, psf->sf.samplerate) ;
+ 	FLAC__seekable_stream_encoder_set_bits_per_sample (pflac->fse, bps) ;
+ 
+ 	if ((bps = FLAC__seekable_stream_encoder_init (pflac->fse)) != FLAC__SEEKABLE_STREAM_DECODER_OK)
+ 	{	psf_log_printf (psf, "Error : FLAC encoder init returned error : %s\n", FLAC__seekable_stream_encoder_get_resolved_state_string (pflac->fse)) ;
+ 		return SFE_FLAC_INIT_DECODER ;
+ 		} ;
++#else
++	if ((pflac->fse = FLAC__stream_encoder_new ()) == NULL)
++		return SFE_FLAC_NEW_DECODER ;
++	FLAC__stream_encoder_set_channels (pflac->fse, psf->sf.channels) ;
++	FLAC__stream_encoder_set_sample_rate (pflac->fse, psf->sf.samplerate) ;
++	FLAC__stream_encoder_set_bits_per_sample (pflac->fse, bps) ;
++
++	if ((bps = FLAC__stream_encoder_init_stream (pflac->fse, sf_flac_enc_write_callback, sf_flac_enc_seek_callback, sf_flac_enc_tell_callback, NULL, psf)) != FLAC__STREAM_DECODER_INIT_STATUS_OK)
++	{	psf_log_printf (psf, "Error : FLAC encoder init returned error : %s\n", FLAC__StreamEncoderInitStatusString[bps]) ;
++		return SFE_FLAC_INIT_DECODER ;
++		} ;
++#endif
+ 
+ 	if (psf->error == 0)
+ 		psf->dataoffset = psf_ftell (psf) ;
+@@ -593,6 +736,7 @@
+ {	FLAC_PRIVATE* pflac = (FLAC_PRIVATE*) psf->codec_data ;
+ 
+ 	psf_fseek (psf, 0, SEEK_SET) ;
++#ifdef LEGACY_FLAC
+ 	if ((pflac->fsd = FLAC__seekable_stream_decoder_new ()) == NULL)
+ 		return SFE_FLAC_NEW_DECODER ;
+ 
+@@ -610,9 +754,22 @@
+ 		return SFE_FLAC_INIT_DECODER ;
+ 
+ 	FLAC__seekable_stream_decoder_process_until_end_of_metadata (pflac->fsd) ;
++#else
++	if ((pflac->fsd = FLAC__stream_decoder_new ()) == NULL)
++		return SFE_FLAC_NEW_DECODER ;
++
++	if (FLAC__stream_decoder_init_stream (pflac->fsd, sf_flac_read_callback, sf_flac_seek_callback, sf_flac_tell_callback, sf_flac_length_callback, sf_flac_eof_callback, sf_flac_write_callback, sf_flac_meta_callback, sf_flac_error_callback, psf) != FLAC__STREAM_DECODER_INIT_STATUS_OK)
++		return SFE_FLAC_INIT_DECODER ;
++
++	FLAC__stream_decoder_process_until_end_of_metadata (pflac->fsd) ;
++#endif
+ 	if (psf->error == 0)
+ 	{	FLAC__uint64 position ;
++#ifdef LEGACY_FLAC
+ 		FLAC__seekable_stream_decoder_get_decode_position (pflac->fsd, &position) ;
++#else
++		FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ;
++#endif
+ 		psf->dataoffset = position ;
+ 		} ;
+ 
+@@ -676,10 +833,18 @@
+ 		flac_buffer_copy (psf) ;
+ 
+ 	while (pflac->pos < pflac->len)
+-	{	if (FLAC__seekable_stream_decoder_process_single (pflac->fsd) == 0)
++	{
++#ifdef LEGACY_FLAC
++		if (FLAC__seekable_stream_decoder_process_single (pflac->fsd) == 0)
+ 			break ;
+ 		if (FLAC__seekable_stream_decoder_get_state (pflac->fsd) != FLAC__SEEKABLE_STREAM_DECODER_OK)
+ 			break ;
++#else
++		if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++			break ;
++		if (FLAC__stream_decoder_get_state (pflac->fsd) >= FLAC__STREAM_DECODER_END_OF_STREAM)
++			break ;
++#endif
+ 		} ;
+ 
+ 	pflac->ptr = NULL ;
+@@ -795,7 +960,11 @@
+ 	while (len > 0)
+ 	{	writecount = (len >= bufferlen) ? bufferlen : (int) len ;
+ 		convert (ptr + total, buffer, writecount) ;
++#ifdef LEGACY_FLAC
+ 		if (FLAC__seekable_stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#else
++		if (FLAC__stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#endif
+ 			thiswrite = writecount ;
+ 		else
+ 			break ;
+@@ -837,7 +1006,11 @@
+ 	while (len > 0)
+ 	{	writecount = (len >= bufferlen) ? bufferlen : (int) len ;
+ 		convert (ptr + total, buffer, writecount) ;
++#ifdef LEGACY_FLAC
+ 		if (FLAC__seekable_stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#else
++		if (FLAC__stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#endif
+ 			thiswrite = writecount ;
+ 		else
+ 			break ;
+@@ -879,7 +1052,11 @@
+ 	while (len > 0)
+ 	{	writecount = (len >= bufferlen) ? bufferlen : (int) len ;
+ 		convert (ptr + total, buffer, writecount, psf->norm_float) ;
++#ifdef LEGACY_FLAC
+ 		if (FLAC__seekable_stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#else
++		if (FLAC__stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#endif
+ 			thiswrite = writecount ;
+ 		else
+ 			break ;
+@@ -1011,7 +1188,11 @@
+ 	while (len > 0)
+ 	{	writecount = (len >= bufferlen) ? bufferlen : (int) len ;
+ 		convert (ptr + total, buffer, writecount, psf->norm_double) ;
++#ifdef LEGACY_FLAC
+ 		if (FLAC__seekable_stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#else
++		if (FLAC__stream_encoder_process_interleaved (pflac->fse, buffer, writecount/psf->sf.channels))
++#endif
+ 			thiswrite = writecount ;
+ 		else
+ 			break ;
+@@ -1131,10 +1312,17 @@
+ 
+ 	if (psf->mode == SFM_READ)
+ 	{	FLAC__uint64 position ;
++#ifdef LEGACY_FLAC
+ 		if (FLAC__seekable_stream_decoder_seek_absolute (pflac->fsd, offset))
+ 		{	FLAC__seekable_stream_decoder_get_decode_position (pflac->fsd, &position) ;
+ 			return offset ;
+ 			} ;
++#else
++		if (FLAC__stream_decoder_seek_absolute (pflac->fsd, offset))
++		{	FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ;
++			return offset ;
++			} ;
++#endif
+ 
+ 		return ((sf_count_t) -1) ;
+ 		} ;

libsndfile-1.0.17-channels-per-frame-overflow.patch

@@ -0,0 +1,16 @@
+diff -up libsndfile-1.0.17/src/caf.c.orig libsndfile-1.0.17/src/caf.c
+--- libsndfile-1.0.17/src/caf.c.orig	2006-08-31 11:22:07.000000000 +0200
++++ libsndfile-1.0.17/src/caf.c	2010-07-07 15:25:35.579607380 +0200
+@@ -282,6 +282,11 @@ caf_read_header (SF_PRIVATE *psf)
+ 			"  Frames / packet  : %u\n  Channels / frame : %u\n  Bits / channel   : %u\n",
+ 			desc.fmt_id, desc.fmt_flags, desc.pkt_bytes, desc.pkt_frames, desc.channels_per_frame, desc.bits_per_chan) ;
+ 
++	if (desc.channels_per_frame > 200)
++	{       psf_log_printf (psf, "**** Bad channels per frame value %u.\n", desc.channels_per_frame) ;
++		return SFE_MALFORMED_FILE ;
++		} ;
++
+ 	if (chunk_size > SIGNED_SIZEOF (DESC_CHUNK))
+ 		psf_binheader_readf (psf, "j", (int) (chunk_size - sizeof (DESC_CHUNK))) ;
+ 
+

libsndfile-1.0.17-flac-buffer-overflow.patch

@@ -0,0 +1,40 @@
+Index: libsndfile-1.0.17/src/flac.c
+===================================================================
+--- libsndfile-1.0.17.orig/src/flac.c
++++ libsndfile-1.0.17/src/flac.c
+@@ -57,7 +57,7 @@ flac_open (SF_PRIVATE *psf)
+ ** Private static functions.
+ */
+ 
+-#define ENC_BUFFER_SIZE 4096
++#define ENC_BUFFER_SIZE 8192
+ 
+ typedef enum
+ {	PFLAC_PCM_SHORT = 0,
+@@ -202,6 +202,17 @@ flac_buffer_copy (SF_PRIVATE *psf)
+ 	const FLAC__int32* const *buffer = pflac->wbuffer ;
+ 	unsigned i = 0, j, offset ;
+ 
++	/*
++	**	frame->header.blocksize is variable and we're using a constant blocksize
++	**	of FLAC__MAX_BLOCK_SIZE.
++	**	Check our assumptions here.
++	*/
++	if (frame->header.blocksize > FLAC__MAX_BLOCK_SIZE)
++	{	psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n", __func__, __LINE__, frame->header.blocksize, FLAC__MAX_BLOCK_SIZE) ;
++		psf->error = SFE_INTERNAL ;
++		return 0 ;
++		} ;
++
+ 	if (pflac->ptr == NULL)
+ 	{	/*
+ 		**	Not sure why this code is here and not elsewhere.
+@@ -210,7 +221,7 @@ flac_buffer_copy (SF_PRIVATE *psf)
+ 		pflac->bufferbackup = SF_TRUE ;
+ 		for (i = 0 ; i < frame->header.channels ; i++)
+ 		{	if (pflac->rbuffer [i] == NULL)
+-				pflac->rbuffer [i] = calloc (frame->header.blocksize, sizeof (FLAC__int32)) ;
++				pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (FLAC__int32)) ;
+ 			memcpy (pflac->rbuffer [i], buffer [i], frame->header.blocksize * sizeof (FLAC__int32)) ;
+ 			} ;
+ 		pflac->wbuffer = (const FLAC__int32* const*) pflac->rbuffer ;

libsndfile-1.0.17-r1305,1610.patch

@@ -0,0 +1,91 @@
+diff -U0 libsndfile-1.0.17/ChangeLog.r1610 libsndfile-1.0.17/ChangeLog
+--- libsndfile-1.0.17/ChangeLog.r1610	2006-08-31 11:39:36.000000000 +0200
++++ libsndfile-1.0.17/ChangeLog	2011-07-14 15:20:10.566469047 +0200
+@@ -0,0 +1,11 @@
++2011-07-05  Erik de Castro Lopo  <erikd AT mega-nerd DOT com>
++
++    * src/paf.c src/common.h src/sndfile.c
++    Fix for Secunia Advisory SA45125, heap overflow (heap gets overwritten with
++    byte value of 0) due to integer overflow if PAF file handler.
++
++2009-03-15  Erik de Castro Lopo  <erikd AT mega-nerd DOT com>
++
++    * src/common.h src/caf.c src/sndfile.c
++    Add SF_MAX_CHANNELS (set to 256) and use it.
++
+diff -up libsndfile-1.0.17/src/caf.c.r1610 libsndfile-1.0.17/src/caf.c
+--- libsndfile-1.0.17/src/caf.c.r1610	2011-07-14 15:20:10.550468873 +0200
++++ libsndfile-1.0.17/src/caf.c	2011-07-14 15:20:10.567469058 +0200
+@@ -282,7 +282,7 @@ caf_read_header (SF_PRIVATE *psf)
+ 			"  Frames / packet  : %u\n  Channels / frame : %u\n  Bits / channel   : %u\n",
+ 			desc.fmt_id, desc.fmt_flags, desc.pkt_bytes, desc.pkt_frames, desc.channels_per_frame, desc.bits_per_chan) ;
+ 
+-	if (desc.channels_per_frame > 200)
++	if (desc.channels_per_frame > SF_MAX_CHANNELS)
+ 	{       psf_log_printf (psf, "**** Bad channels per frame value %u.\n", desc.channels_per_frame) ;
+ 		return SFE_MALFORMED_FILE ;
+ 		} ;
+diff -up libsndfile-1.0.17/src/common.h.r1610 libsndfile-1.0.17/src/common.h
+--- libsndfile-1.0.17/src/common.h.r1610	2006-08-31 11:22:07.000000000 +0200
++++ libsndfile-1.0.17/src/common.h	2011-07-14 15:20:10.568469068 +0200
+@@ -75,6 +75,8 @@
+ #define		SF_MAX(a,b)		((a) > (b) ? (a) : (b))
+ #define		SF_MIN(a,b)		((a) < (b) ? (a) : (b))
+ 
++#define		SF_MAX_CHANNELS	256
++
+ enum
+ {	/* PEAK chunk location. */
+ 	SF_PEAK_START		= 42,
+@@ -454,6 +456,7 @@ enum
+ 	SFE_PAF_VERSION,
+ 	SFE_PAF_UNKNOWN_FORMAT,
+ 	SFE_PAF_SHORT_HEADER,
++	SFE_PAF_BAD_CHANNELS,
+ 
+ 	SFE_SVX_NO_FORM,
+ 	SFE_SVX_NO_BODY,
+diff -up libsndfile-1.0.17/src/paf.c.r1610 libsndfile-1.0.17/src/paf.c
+--- libsndfile-1.0.17/src/paf.c.r1610	2006-08-31 11:22:07.000000000 +0200
++++ libsndfile-1.0.17/src/paf.c	2011-07-14 15:20:10.559468971 +0200
+@@ -163,6 +163,9 @@ paf_read_header	(SF_PRIVATE *psf)
+ {	PAF_FMT		paf_fmt ;
+ 	int			marker ;
+ 
++	if (psf->filelength < PAF_HEADER_LENGTH)
++		return SFE_PAF_SHORT_HEADER ;
++
+ 	memset (&paf_fmt, 0, sizeof (paf_fmt)) ;
+ 	psf_binheader_readf (psf, "pm", 0, &marker) ;
+ 
+@@ -199,8 +202,8 @@ paf_read_header	(SF_PRIVATE *psf)
+ 		psf->endian = SF_ENDIAN_BIG ;
+ 		} ;
+ 
+-	if (psf->filelength < PAF_HEADER_LENGTH)
+-		return SFE_PAF_SHORT_HEADER ;
++	if (paf_fmt.channels > SF_MAX_CHANNELS)
++		return SFE_PAF_BAD_CHANNELS ;
+ 
+ 	psf->datalength = psf->filelength - psf->dataoffset ;
+ 
+diff -up libsndfile-1.0.17/src/sndfile.c.r1610 libsndfile-1.0.17/src/sndfile.c
+--- libsndfile-1.0.17/src/sndfile.c.r1610	2006-08-31 11:22:07.000000000 +0200
++++ libsndfile-1.0.17/src/sndfile.c	2011-07-14 15:20:10.571469100 +0200
+@@ -146,6 +146,7 @@ ErrorStruct SndfileErrors [] =
+ 	{	SFE_PAF_VERSION			, "Error in PAF file, bad version." },
+ 	{	SFE_PAF_UNKNOWN_FORMAT	, "Error in PAF file, unknown format." },
+ 	{	SFE_PAF_SHORT_HEADER	, "Error in PAF file. File shorter than minimal header." },
++	{	SFE_PAF_BAD_CHANNELS	, "Error in PAF file. Bad channel count." },
+ 
+ 	{	SFE_SVX_NO_FORM			, "Error in 8SVX / 16SV file, no 'FORM' marker." },
+ 	{	SFE_SVX_NO_BODY			, "Error in 8SVX / 16SV file, no 'BODY' marker." },
+@@ -560,7 +561,7 @@ sf_format_check	(const SF_INFO *info)
+ 	** Return 0 on failure, 1 ons success.
+ 	*/
+ 
+-	if (info->channels < 1 || info->channels > 256)
++	if (info->channels < 1 || info->channels > SF_MAX_CHANNELS)
+ 		return 0 ;
+ 
+ 	if (info->samplerate < 0)

libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch

@@ -0,0 +1,22 @@
+From 53c9f0bcaf20203bb4ee56da760a6e5118e6f93b Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Mon, 9 Nov 2015 19:18:48 +1100
+Subject: [PATCH] src/common.c: Pull fix from 1.0.25
+
+---
+ src/common.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/common.c b/src/common.c
+index c6b88cc..830c43e 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -805,7 +805,7 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
+ 	if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
+ 	{	int most ;
+ 
+-		most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
++		most = SIGNED_SIZEOF (psf->header) - psf->headend ;
+ 		psf_fread (psf->header + psf->headend, 1, most, psf) ;
+ 		memcpy (ptr, psf->header + psf->headend, most) ;
+ 		psf->headend = psf->headindex += most ;

libsndfile-1.0.25-cve2014_9496.patch

@@ -0,0 +1,51 @@
+diff -up libsndfile-1.0.25/src/sd2.c.cve2014_9496 libsndfile-1.0.25/src/sd2.c
+--- libsndfile-1.0.25/src/sd2.c.cve2014_9496	2011-01-19 11:10:36.000000000 +0100
++++ libsndfile-1.0.25/src/sd2.c	2015-01-13 17:00:35.920285526 +0100
+@@ -395,6 +395,21 @@ read_marker (const unsigned char * data,
+ 		return 0x666 ;
+ } /* read_marker */
+ 
++static inline int
++read_rsrc_marker (const SD2_RSRC *prsrc, int offset)
++{	const unsigned char * data = prsrc->rsrc_data ;
++
++	if (offset < 0 || offset + 3 >= prsrc->rsrc_len)
++		return 0 ;
++
++	if (CPU_IS_BIG_ENDIAN)
++		return (((uint32_t) data [offset]) << 24) + (data [offset + 1] << 16) + (data [offset + 2] << 8) + data [offset + 3] ;
++	if (CPU_IS_LITTLE_ENDIAN)
++		return data [offset] + (data [offset + 1] << 8) + (data [offset + 2] << 16) + (((uint32_t) data [offset + 3]) << 24) ;
++
++	return 0 ;
++} /* read_rsrc_marker */
++
+ static void
+ read_str (const unsigned char * data, int offset, char * buffer, int buffer_len)
+ {	int k ;
+@@ -496,6 +511,11 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
+ 
+ 	rsrc.type_offset = rsrc.map_offset + 30 ;
+ 
++	if (rsrc.map_offset + 28 > rsrc.rsrc_len)
++	{       psf_log_printf (psf, "Bad map offset.\n") ;
++		goto parse_rsrc_fork_cleanup ;
++		} ;
++
+ 	rsrc.type_count = read_short (rsrc.rsrc_data, rsrc.map_offset + 28) + 1 ;
+ 	if (rsrc.type_count < 1)
+ 	{	psf_log_printf (psf, "Bad type count.\n") ;
+@@ -512,7 +532,12 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
+ 
+ 	rsrc.str_index = -1 ;
+ 	for (k = 0 ; k < rsrc.type_count ; k ++)
+-	{	marker = read_marker (rsrc.rsrc_data, rsrc.type_offset + k * 8) ;
++	{	if (rsrc.type_offset + k * 8 > rsrc.rsrc_len)
++		{	psf_log_printf (psf, "Bad rsrc marker.\n") ;
++			goto parse_rsrc_fork_cleanup ;
++			} ;
++
++		marker = read_rsrc_marker (&rsrc, rsrc.type_offset + k * 8) ;
+ 
+ 		if (marker == STR_MARKER)
+ 		{	rsrc.str_index = k ;

libsndfile-1.0.25-d2a87385c1ca1d72918e9a2875d24f202a5093e8.patch

@@ -0,0 +1,89 @@
+From d2a87385c1ca1d72918e9a2875d24f202a5093e8 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Sat, 7 Feb 2015 15:45:10 +1100
+Subject: [PATCH] src/common.c : Fix a header parsing bug.
+
+When the file header is bigger that SF_HEADER_LEN, the code would seek
+instead of reading causing file parse errors.
+
+The current header parsing and writing code *badly* needs a re-write.
+---
+ src/common.c | 27 +++++++++++----------------
+ 1 file changed, 11 insertions(+), 16 deletions(-)
+
+diff -up libsndfile-1.0.17/src/common.c.d2a87385c1ca1d72918e9a2875d24f202a5093e8 libsndfile-1.0.17/src/common.c
+--- libsndfile-1.0.17/src/common.c.d2a87385c1ca1d72918e9a2875d24f202a5093e8	2006-08-31 11:22:07.000000000 +0200
++++ libsndfile-1.0.17/src/common.c	2015-11-06 20:47:43.080091853 +0100
+@@ -1,5 +1,5 @@
+ /*
+-** Copyright (C) 1999-2006 Erik de Castro Lopo <erikd@mega-nerd.com>
++** Copyright (C) 1999-2015 Erik de Castro Lopo <erikd@mega-nerd.com>
+ **
+ ** This program is free software; you can redistribute it and/or modify
+ ** it under the terms of the GNU Lesser General Public License as published by
+@@ -800,21 +800,16 @@ header_read (SF_PRIVATE *psf, void *ptr,
+ {	int count = 0 ;
+ 
+ 	if (psf->headindex >= SIGNED_SIZEOF (psf->header))
+-	{	memset (ptr, 0, SIGNED_SIZEOF (psf->header) - psf->headindex) ;
+-
+-		/* This is the best that we can do. */
+-		psf_fseek (psf, bytes, SEEK_CUR) ;
+-		return bytes ;
+-		} ;
++		return psf_fread (ptr, 1, bytes, psf) ;
+ 
+ 	if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
+ 	{	int most ;
+ 
+ 		most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ 		psf_fread (psf->header + psf->headend, 1, most, psf) ;
+-		memset ((char *) ptr + most, 0, bytes - most) ;
+-
+-		psf_fseek (psf, bytes - most, SEEK_CUR) ;
++		memcpy (ptr, psf->header + psf->headend, most) ;
++		psf->headend = psf->headindex += most ;
++		psf_fread ((char *) ptr + most, bytes - most, 1, psf) ;
+ 		return bytes ;
+ 		} ;
+ 
+@@ -822,7 +817,7 @@ header_read (SF_PRIVATE *psf, void *ptr,
+ 	{	count = psf_fread (psf->header + psf->headend, 1, bytes - (psf->headend - psf->headindex), psf) ;
+ 		if (count != bytes - (int) (psf->headend - psf->headindex))
+ 		{	psf_log_printf (psf, "Error : psf_fread returned short count.\n") ;
+-			return 0 ;
++			return count ;
+ 			} ;
+ 		psf->headend += count ;
+ 		} ;
+@@ -836,7 +831,6 @@ header_read (SF_PRIVATE *psf, void *ptr,
+ static void
+ header_seek (SF_PRIVATE *psf, sf_count_t position, int whence)
+ {
+-
+ 	switch (whence)
+ 	{	case SEEK_SET :
+ 			if (position > SIGNED_SIZEOF (psf->header))
+@@ -885,8 +879,7 @@ header_seek (SF_PRIVATE *psf, sf_count_t
+ 
+ static int
+ header_gets (SF_PRIVATE *psf, char *ptr, int bufsize)
+-{
+-	int		k ;
++{	int		k ;
+ 
+ 	for (k = 0 ; k < bufsize - 1 ; k++)
+ 	{	if (psf->headindex < psf->headend)
+@@ -1073,8 +1066,10 @@ psf_binheader_readf (SF_PRIVATE *psf, ch
+ 			case 'j' :
+ 					/* Get the seek position first. */
+ 					count = va_arg (argptr, int) ;
+-					header_seek (psf, count, SEEK_CUR) ;
+-					byte_count += count ;
++					if (count)
++					{	header_seek (psf, count, SEEK_CUR) ;
++						byte_count += count ;
++						} ;
+ 					break ;
+ 
+ 			default :

libsndfile-1.0.25-zerodivfix.patch

@@ -0,0 +1,25 @@
+From 725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Wed, 24 Dec 2014 21:02:35 +1100
+Subject: [PATCH] src/file_io.c : Prevent potential divide-by-zero.
+
+Closes: https://github.com/erikd/libsndfile/issues/92
+---
+ src/file_io.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/file_io.c b/src/file_io.c
+index 26d3d6d..6ccab78 100644
+--- a/src/file_io.c
++++ b/src/file_io.c
+@@ -358,6 +358,9 @@ psf_fwrite (const void *ptr, sf_count_t bytes, sf_count_t items, SF_PRIVATE *psf
+ {	sf_count_t total = 0 ;
+ 	ssize_t	count ;
+ 
++	if (bytes == 0 || items == 0)
++		return 0 ;
++
+ 	if (psf->virtual_io)
+ 		return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ;
+ 
+

libsndfile.spec

@@ -1,11 +1,33 @@
 Summary:	Library for reading and writing sound files
 Name:		libsndfile
 Version:	1.0.17
-Release:	1%{?dist}
+Release:	8%{?dist}
 License:	LGPL
 Group:		System Environment/Libraries
 URL:		http://www.mega-nerd.com/libsndfile/
-Source0:	http://www.mega-nerd.com/libsndfile/libsndfile-%{version}.tar.gz
+Source0:	http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
+Patch0:         libsndfile-1.0.17+flac-1.1.3.patch
+Patch1:         libsndfile-1.0.17-flac-buffer-overflow.patch
+
+#from upstream, for libsndfile < 1.0.19, CVE-2009-0186
+Patch2:		libsndfile-1.0.17-channels-per-frame-overflow.patch
+
+#from upstream, for libsndfile < 1.0.20, CVE-2009-1788 CVE-2009-1791 
+#http://www.mega-nerd.com/erikd/Blog/CodeHacking/libsndfile/rel_20.html
+Patch3:		voc-aiff-patch-1.0.17.diff
+
+#from upstream, for libsndfile < 1.0.25, crash by overflow with some PAF files (#721239)
+Patch4:         libsndfile-1.0.17-r1305,1610.patch
+
+#from upstream, for libsndfile <= 1.0.25, rhbz#1177254
+Patch5: libsndfile-1.0.25-zerodivfix.patch
+
+#from upstream, for libsndfile <= 1.0.25, rhbz#1178840
+Patch6: libsndfile-1.0.25-cve2014_9496.patch
+# 2x from upstream, for <= 1.0.25, rhbz#1277899 
+Patch7: libsndfile-1.0.25-d2a87385c1ca1d72918e9a2875d24f202a5093e8.patch
+Patch8: libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch
+
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
 
 BuildRequires:	alsa-lib-devel
@@ -31,6 +53,15 @@ This package contains files needed to develop with libsndfile.
 
 %prep
 %setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1 -b .zerodivfix
+%patch6 -p1 -b .cve2014_9496
+%patch7 -p1 -b .d2a87385c1ca1d72918e9a2875d24f202a5093e8
+%patch8 -p1 -b .53c9f0bcaf20203bb4ee56da760a6e5118e6f93b
 
 %build
 %configure --disable-dependency-tracking
@@ -78,6 +109,31 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Thu Dec 17 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-8
+- fix incomplete patch for CVE-2015-7805
+
+* Fri Nov 06 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-7
+- fix CVE-2015-7805: Heap overflow vulnerability when parsing specially
+  crafted AIFF header
+
+* Tue Jan 13 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-6
+- fix CVE-2014-9496: 2 buffer overruns in sd2_parse_rsrc_fork (#1178840)
+- division by zero leading to denial of service in psf_fwrite (#1177254)
+
+* Thu Jul 14 2011 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-5
+- fixes integer overflow by processing certain PAF audio files (#721239)
+
+* Thu Dec 23 2010 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-4
+- fix CVE-2009-1788 : VOC file heap based buffer overflow (#502657)
+- fix CVE-2009-1791 : AIFF file heap based buffer overflow (#502658)
+
+* Thu Jul  8 2010 Michel Salim <salimma@fedoraproject.org> - 1.0.17-3
+- Fix for channel per frame overflow (CVE-2009-0186, #488364)
+
+* Thu Sep 20 2007 Andreas Thienemann <andreas@bawue.net> - 1.0.17-2
+- Adding FLAC support to libsndfile courtesy of gentoo, #237575
+- Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221
+
 * Fri Sep 08 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.17-1
 - Updated to 1.0.17
 

voc-aiff-patch-1.0.17.diff

@@ -0,0 +1,52 @@
+diff -ur libsndfile-1.0.17-orig/src/aiff.c libsndfile-1.0.17/src/aiff.c
+--- libsndfile-1.0.17-orig/src/aiff.c	2006-08-31 19:22:07.000000000 +1000
++++ libsndfile-1.0.17/src/aiff.c	2009-04-27 19:24:01.000000000 +1000
+@@ -714,13 +714,25 @@
+ 						psf_log_printf (psf, "  Count : %d\n", mark_count) ;
+ 
+ 						for (n = 0 ; n < mark_count && bytesread < dword ; n++)
+-						{	bytesread += psf_binheader_readf (psf, "E241", &mark_id, &position, &pstr_len) ;
+-							psf_log_printf (psf, "   Mark ID  : %u\n   Position : %u\n", mark_id, position) ;
++						{	unsigned int pstr_len ;
++							unsigned char ch ;
+ 
+-							pstr_len += (pstr_len & 1) + 1 ; /* fudgy, fudgy, hack, hack */
+-
+-							bytesread += psf_binheader_readf (psf, "b", psf->u.scbuf, pstr_len) ;
+-							psf_log_printf (psf, "   Name     : %s\n", psf->u.scbuf) ;
++							bytesread += psf_binheader_readf (psf, "E241", &mark_id, &position, &ch) ;
++  							psf_log_printf (psf, "   Mark ID  : %u\n   Position : %u\n", mark_id, position) ;
++  
++							pstr_len = (ch & 1) ? ch : ch + 1 ;
++
++							if (pstr_len < sizeof (psf->u.scbuf) - 1)
++							{	bytesread += psf_binheader_readf (psf, "b", psf->u.scbuf, pstr_len) ;
++								psf->u.scbuf [pstr_len] = 0 ;
++								}
++							else
++							{	unsigned int read_len = pstr_len - (sizeof (psf->u.scbuf) - 1) ;
++								bytesread += psf_binheader_readf (psf, "bj", psf->u.scbuf, read_len, pstr_len - read_len) ;
++								psf->u.scbuf [sizeof (psf->u.scbuf) - 1] = 0 ;
++								}
++  
++  							psf_log_printf (psf, "   Name     : %s\n", psf->u.scbuf) ;
+ 
+ 							markstr [n].markerID = mark_id ;
+ 							markstr [n].position = position ;
+diff -ur libsndfile-1.0.17-orig/src/voc.c libsndfile-1.0.17/src/voc.c
+--- libsndfile-1.0.17-orig/src/voc.c	2006-08-31 19:22:07.000000000 +1000
++++ libsndfile-1.0.17/src/voc.c	2009-04-27 19:21:18.000000000 +1000
+@@ -209,6 +209,13 @@
+ 
+ 						psf_log_printf (psf, " ASCII : %d\n", size) ;
+ 
++						if (size < sizeof (psf->header) - 1)
++						{	offset += psf_binheader_readf (psf, "b", psf->header, size) ;
++							psf->header [size] = 0 ;
++							psf_log_printf (psf, "  text : %s\n", psf->header) ;
++							continue ;
++							}
++
+ 						offset += psf_binheader_readf (psf, "b", psf->header, size) ;
+ 						psf->header [size] = 0 ;
+ 						psf_log_printf (psf, "  text : %s\n", psf->header) ;