Compare commits
4 Commits
Author | SHA1 | Date |
---|---|---|
Michal Hlavinka | 56ab329a05 | |
Michal Hlavinka | fc09a293cd | |
Michal Hlavinka | 5f78793035 | |
Michal Hlavinka | b9fa647862 |
|
@ -3,3 +3,5 @@ libsndfile-1.0.21.tar.gz
|
|||
/libsndfile-1.0.23.tar.gz
|
||||
/libsndfile-1.0.24.tar.gz
|
||||
/libsndfile-1.0.25.tar.gz
|
||||
/libsndfile-1.0.27.tar.gz
|
||||
/libsndfile-1.0.28.tar.gz
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
From 53c9f0bcaf20203bb4ee56da760a6e5118e6f93b Mon Sep 17 00:00:00 2001
|
||||
From: Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
Date: Mon, 9 Nov 2015 19:18:48 +1100
|
||||
Subject: [PATCH] src/common.c: Pull fix from 1.0.25
|
||||
|
||||
---
|
||||
src/common.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/common.c b/src/common.c
|
||||
index c6b88cc..830c43e 100644
|
||||
--- a/src/common.c
|
||||
+++ b/src/common.c
|
||||
@@ -805,7 +805,7 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
|
||||
if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
|
||||
{ int most ;
|
||||
|
||||
- most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
|
||||
+ most = SIGNED_SIZEOF (psf->header) - psf->headend ;
|
||||
psf_fread (psf->header + psf->headend, 1, most, psf) ;
|
||||
memcpy (ptr, psf->header + psf->headend, most) ;
|
||||
psf->headend = psf->headindex += most ;
|
|
@ -1,51 +0,0 @@
|
|||
diff -up libsndfile-1.0.25/src/sd2.c.cve2014_9496 libsndfile-1.0.25/src/sd2.c
|
||||
--- libsndfile-1.0.25/src/sd2.c.cve2014_9496 2011-01-19 11:10:36.000000000 +0100
|
||||
+++ libsndfile-1.0.25/src/sd2.c 2015-01-13 17:00:35.920285526 +0100
|
||||
@@ -395,6 +395,21 @@ read_marker (const unsigned char * data,
|
||||
return 0x666 ;
|
||||
} /* read_marker */
|
||||
|
||||
+static inline int
|
||||
+read_rsrc_marker (const SD2_RSRC *prsrc, int offset)
|
||||
+{ const unsigned char * data = prsrc->rsrc_data ;
|
||||
+
|
||||
+ if (offset < 0 || offset + 3 >= prsrc->rsrc_len)
|
||||
+ return 0 ;
|
||||
+
|
||||
+ if (CPU_IS_BIG_ENDIAN)
|
||||
+ return (((uint32_t) data [offset]) << 24) + (data [offset + 1] << 16) + (data [offset + 2] << 8) + data [offset + 3] ;
|
||||
+ if (CPU_IS_LITTLE_ENDIAN)
|
||||
+ return data [offset] + (data [offset + 1] << 8) + (data [offset + 2] << 16) + (((uint32_t) data [offset + 3]) << 24) ;
|
||||
+
|
||||
+ return 0 ;
|
||||
+} /* read_rsrc_marker */
|
||||
+
|
||||
static void
|
||||
read_str (const unsigned char * data, int offset, char * buffer, int buffer_len)
|
||||
{ int k ;
|
||||
@@ -496,6 +511,11 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
|
||||
|
||||
rsrc.type_offset = rsrc.map_offset + 30 ;
|
||||
|
||||
+ if (rsrc.map_offset + 28 > rsrc.rsrc_len)
|
||||
+ { psf_log_printf (psf, "Bad map offset.\n") ;
|
||||
+ goto parse_rsrc_fork_cleanup ;
|
||||
+ } ;
|
||||
+
|
||||
rsrc.type_count = read_short (rsrc.rsrc_data, rsrc.map_offset + 28) + 1 ;
|
||||
if (rsrc.type_count < 1)
|
||||
{ psf_log_printf (psf, "Bad type count.\n") ;
|
||||
@@ -512,7 +532,12 @@ sd2_parse_rsrc_fork (SF_PRIVATE *psf)
|
||||
|
||||
rsrc.str_index = -1 ;
|
||||
for (k = 0 ; k < rsrc.type_count ; k ++)
|
||||
- { marker = read_marker (rsrc.rsrc_data, rsrc.type_offset + k * 8) ;
|
||||
+ { if (rsrc.type_offset + k * 8 > rsrc.rsrc_len)
|
||||
+ { psf_log_printf (psf, "Bad rsrc marker.\n") ;
|
||||
+ goto parse_rsrc_fork_cleanup ;
|
||||
+ } ;
|
||||
+
|
||||
+ marker = read_rsrc_marker (&rsrc, rsrc.type_offset + k * 8) ;
|
||||
|
||||
if (marker == STR_MARKER)
|
||||
{ rsrc.str_index = k ;
|
|
@ -1,90 +0,0 @@
|
|||
From d2a87385c1ca1d72918e9a2875d24f202a5093e8 Mon Sep 17 00:00:00 2001
|
||||
From: Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
Date: Sat, 7 Feb 2015 15:45:10 +1100
|
||||
Subject: [PATCH] src/common.c : Fix a header parsing bug.
|
||||
|
||||
When the file header is bigger that SF_HEADER_LEN, the code would seek
|
||||
instead of reading causing file parse errors.
|
||||
|
||||
The current header parsing and writing code *badly* needs a re-write.
|
||||
---
|
||||
src/common.c | 27 +++++++++++----------------
|
||||
1 file changed, 11 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/src/common.c b/src/common.c
|
||||
index dd4edb7..c6b88cc 100644
|
||||
--- a/src/common.c
|
||||
+++ b/src/common.c
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
-** Copyright (C) 1999-2011 Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
+** Copyright (C) 1999-2015 Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
**
|
||||
** This program is free software; you can redistribute it and/or modify
|
||||
** it under the terms of the GNU Lesser General Public License as published by
|
||||
@@ -800,21 +800,16 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
|
||||
{ int count = 0 ;
|
||||
|
||||
if (psf->headindex >= SIGNED_SIZEOF (psf->header))
|
||||
- { memset (ptr, 0, SIGNED_SIZEOF (psf->header) - psf->headindex) ;
|
||||
-
|
||||
- /* This is the best that we can do. */
|
||||
- psf_fseek (psf, bytes, SEEK_CUR) ;
|
||||
- return bytes ;
|
||||
- } ;
|
||||
+ return psf_fread (ptr, 1, bytes, psf) ;
|
||||
|
||||
if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
|
||||
{ int most ;
|
||||
|
||||
most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
|
||||
psf_fread (psf->header + psf->headend, 1, most, psf) ;
|
||||
- memset ((char *) ptr + most, 0, bytes - most) ;
|
||||
-
|
||||
- psf_fseek (psf, bytes - most, SEEK_CUR) ;
|
||||
+ memcpy (ptr, psf->header + psf->headend, most) ;
|
||||
+ psf->headend = psf->headindex += most ;
|
||||
+ psf_fread ((char *) ptr + most, bytes - most, 1, psf) ;
|
||||
return bytes ;
|
||||
} ;
|
||||
|
||||
@@ -822,7 +817,7 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
|
||||
{ count = psf_fread (psf->header + psf->headend, 1, bytes - (psf->headend - psf->headindex), psf) ;
|
||||
if (count != bytes - (int) (psf->headend - psf->headindex))
|
||||
{ psf_log_printf (psf, "Error : psf_fread returned short count.\n") ;
|
||||
- return 0 ;
|
||||
+ return count ;
|
||||
} ;
|
||||
psf->headend += count ;
|
||||
} ;
|
||||
@@ -836,7 +831,6 @@ header_read (SF_PRIVATE *psf, void *ptr, int bytes)
|
||||
static void
|
||||
header_seek (SF_PRIVATE *psf, sf_count_t position, int whence)
|
||||
{
|
||||
-
|
||||
switch (whence)
|
||||
{ case SEEK_SET :
|
||||
if (position > SIGNED_SIZEOF (psf->header))
|
||||
@@ -885,8 +879,7 @@ header_seek (SF_PRIVATE *psf, sf_count_t position, int whence)
|
||||
|
||||
static int
|
||||
header_gets (SF_PRIVATE *psf, char *ptr, int bufsize)
|
||||
-{
|
||||
- int k ;
|
||||
+{ int k ;
|
||||
|
||||
for (k = 0 ; k < bufsize - 1 ; k++)
|
||||
{ if (psf->headindex < psf->headend)
|
||||
@@ -1073,8 +1066,10 @@ psf_binheader_readf (SF_PRIVATE *psf, char const *format, ...)
|
||||
case 'j' :
|
||||
/* Get the seek position first. */
|
||||
count = va_arg (argptr, size_t) ;
|
||||
- header_seek (psf, count, SEEK_CUR) ;
|
||||
- byte_count += count ;
|
||||
+ if (count)
|
||||
+ { header_seek (psf, count, SEEK_CUR) ;
|
||||
+ byte_count += count ;
|
||||
+ } ;
|
||||
break ;
|
||||
|
||||
default :
|
|
@ -1,16 +1,16 @@
|
|||
diff -up libsndfile-1.0.25/src/gsm610.c~ libsndfile-1.0.25/src/gsm610.c
|
||||
--- libsndfile-1.0.25/src/gsm610.c~ 2011-01-19 12:12:14.000000000 +0200
|
||||
+++ libsndfile-1.0.25/src/gsm610.c 2011-11-12 02:05:23.385054757 +0200
|
||||
diff -up libsndfile-1.0.28/src/gsm610.c.systemgsm libsndfile-1.0.28/src/gsm610.c
|
||||
--- libsndfile-1.0.28/src/gsm610.c.systemgsm 2016-09-10 10:08:27.000000000 +0200
|
||||
+++ libsndfile-1.0.28/src/gsm610.c 2017-04-11 10:47:40.437162489 +0200
|
||||
@@ -27,7 +27,7 @@
|
||||
#include "sfendian.h"
|
||||
#include "common.h"
|
||||
#include "wav_w64.h"
|
||||
#include "wavlike.h"
|
||||
-#include "GSM610/gsm.h"
|
||||
+#include <gsm.h>
|
||||
|
||||
#define GSM610_BLOCKSIZE 33
|
||||
#define GSM610_SAMPLES 160
|
||||
@@ -388,7 +388,8 @@ gsm610_seek (SF_PRIVATE *psf, int UNUSED
|
||||
@@ -391,7 +391,8 @@ gsm610_seek (SF_PRIVATE *psf, int UNUSED
|
||||
psf_fseek (psf, psf->dataoffset, SEEK_SET) ;
|
||||
pgsm610->blockcount = 0 ;
|
||||
|
||||
|
@ -20,28 +20,28 @@ diff -up libsndfile-1.0.25/src/gsm610.c~ libsndfile-1.0.25/src/gsm610.c
|
|||
if ((SF_CONTAINER (psf->sf.format)) == SF_FORMAT_WAV ||
|
||||
(SF_CONTAINER (psf->sf.format)) == SF_FORMAT_W64)
|
||||
gsm_option (pgsm610->gsm_data, GSM_OPT_WAV49, &true_flag) ;
|
||||
diff -up libsndfile-1.0.25/src/Makefile.am~ libsndfile-1.0.25/src/Makefile.am
|
||||
--- libsndfile-1.0.25/src/Makefile.am~ 2011-07-07 12:40:25.000000000 +0300
|
||||
+++ libsndfile-1.0.25/src/Makefile.am 2011-11-12 01:46:19.760807068 +0200
|
||||
diff -up libsndfile-1.0.28/src/Makefile.am.systemgsm libsndfile-1.0.28/src/Makefile.am
|
||||
--- libsndfile-1.0.28/src/Makefile.am.systemgsm 2017-04-01 09:18:02.000000000 +0200
|
||||
+++ libsndfile-1.0.28/src/Makefile.am 2017-04-11 10:48:43.855620172 +0200
|
||||
@@ -8,7 +8,7 @@ lib_LTLIBRARIES = libsndfile.la
|
||||
include_HEADERS = sndfile.hh
|
||||
nodist_include_HEADERS = sndfile.h
|
||||
|
||||
-noinst_LTLIBRARIES = GSM610/libgsm.la G72x/libg72x.la libcommon.la
|
||||
+noinst_LTLIBRARIES = G72x/libg72x.la libcommon.la
|
||||
-noinst_LTLIBRARIES = GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la libcommon.la
|
||||
+noinst_LTLIBRARIES = G72x/libg72x.la ALAC/libalac.la libcommon.la
|
||||
|
||||
OS_SPECIFIC_CFLAGS = @OS_SPECIFIC_CFLAGS@
|
||||
OS_SPECIFIC_LINKS = @OS_SPECIFIC_LINKS@
|
||||
@@ -49,7 +49,7 @@ endif
|
||||
libsndfile_la_LDFLAGS = -no-undefined -version-info @SHARED_VERSION_INFO@ @SHLIB_VERSION_ARG@
|
||||
SYMBOL_FILES = Symbols.gnu-binutils Symbols.darwin libsndfile-1.def Symbols.os2 Symbols.static
|
||||
|
||||
@@ -43,7 +43,7 @@ libsndfile_la_CPPFLAGS = -DSNDFILE_EXPOR
|
||||
libsndfile_la_LDFLAGS = -no-undefined -version-info $(SHARED_VERSION_INFO) $(SHLIB_VERSION_ARG)
|
||||
libsndfile_la_SOURCES = $(FILESPECIFIC) $(noinst_HEADERS)
|
||||
nodist_libsndfile_la_SOURCES = $(nodist_include_HEADERS)
|
||||
-libsndfile_la_LIBADD = libcommon.la GSM610/libgsm.la G72x/libg72x.la \
|
||||
+libsndfile_la_LIBADD = libcommon.la -lgsm G72x/libg72x.la \
|
||||
@EXTERNAL_LIBS@ -lm
|
||||
-libsndfile_la_LIBADD = GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la \
|
||||
+libsndfile_la_LIBADD = -lgsm G72x/libg72x.la ALAC/libalac.la \
|
||||
libcommon.la $(EXTERNAL_XIPH_LIBS) -lm
|
||||
|
||||
libcommon_la_SOURCES = $(COMMON)
|
||||
@@ -57,12 +57,6 @@ libcommon_la_SOURCES = $(COMMON)
|
||||
EXTRA_libsndfile_la_DEPENDENCIES = $(SYMBOL_FILES)
|
||||
@@ -58,12 +58,6 @@ libcommon_la_SOURCES = common.c file_io.
|
||||
#======================================================================
|
||||
# Subdir libraries.
|
||||
|
||||
|
@ -51,6 +51,6 @@ diff -up libsndfile-1.0.25/src/Makefile.am~ libsndfile-1.0.25/src/Makefile.am
|
|||
- GSM610/gsm_option.c GSM610/long_term.c GSM610/lpc.c GSM610/preprocess.c \
|
||||
- GSM610/rpe.c GSM610/short_term.c GSM610/table.c
|
||||
-
|
||||
G72x_libg72x_la_SOURCES = $(COMMON)G72x/g72x.h G72x/g72x_priv.h \
|
||||
G72x_libg72x_la_SOURCES = G72x/g72x.h G72x/g72x_priv.h \
|
||||
G72x/g721.c G72x/g723_16.c G72x/g723_24.c G72x/g723_40.c G72x/g72x.c
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ diff --git a/src/file_io.c b/src/file_io.c
|
|||
index 26d3d6d..6ccab78 100644
|
||||
--- a/src/file_io.c
|
||||
+++ b/src/file_io.c
|
||||
@@ -358,6 +358,9 @@ psf_fwrite (const void *ptr, sf_count_t bytes, sf_count_t items, SF_PRIVATE *psf
|
||||
@@ -1322,6 +1322,9 @@ psf_fwrite (const void *ptr, sf_count_t bytes, sf_count_t items, SF_PRIVATE *psf
|
||||
{ sf_count_t total = 0 ;
|
||||
ssize_t count ;
|
||||
|
||||
|
|
|
@ -0,0 +1,64 @@
|
|||
From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001
|
||||
From: Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
Date: Wed, 12 Apr 2017 19:45:30 +1000
|
||||
Subject: [PATCH] FLAC: Fix a buffer read overrun
|
||||
|
||||
Buffer read overrun occurs when reading a FLAC file that switches
|
||||
from 2 channels to one channel mid-stream. Only option is to
|
||||
abort the read.
|
||||
|
||||
Closes: https://github.com/erikd/libsndfile/issues/230
|
||||
---
|
||||
src/common.h | 1 +
|
||||
src/flac.c | 13 +++++++++++++
|
||||
src/sndfile.c | 1 +
|
||||
3 files changed, 15 insertions(+)
|
||||
|
||||
diff --git a/src/common.h b/src/common.h
|
||||
index 0bd810c3..e2669b6a 100644
|
||||
--- a/src/common.h
|
||||
+++ b/src/common.h
|
||||
@@ -725,6 +725,7 @@ enum
|
||||
SFE_FLAC_INIT_DECODER,
|
||||
SFE_FLAC_LOST_SYNC,
|
||||
SFE_FLAC_BAD_SAMPLE_RATE,
|
||||
+ SFE_FLAC_CHANNEL_COUNT_CHANGED,
|
||||
SFE_FLAC_UNKOWN_ERROR,
|
||||
|
||||
SFE_WVE_NOT_WVE,
|
||||
diff --git a/src/flac.c b/src/flac.c
|
||||
index 84de0e26..986a7b8f 100644
|
||||
--- a/src/flac.c
|
||||
+++ b/src/flac.c
|
||||
@@ -434,6 +434,19 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_
|
||||
|
||||
switch (metadata->type)
|
||||
{ case FLAC__METADATA_TYPE_STREAMINFO :
|
||||
+ if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
|
||||
+ { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
|
||||
+ "Nothing to be but to error out.\n" ,
|
||||
+ psf->sf.channels, metadata->data.stream_info.channels) ;
|
||||
+ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
|
||||
+ return ;
|
||||
+ } ;
|
||||
+
|
||||
+ if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate)
|
||||
+ { psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n"
|
||||
+ "Carrying on as if nothing happened.",
|
||||
+ psf->sf.samplerate, metadata->data.stream_info.sample_rate) ;
|
||||
+ } ;
|
||||
psf->sf.channels = metadata->data.stream_info.channels ;
|
||||
psf->sf.samplerate = metadata->data.stream_info.sample_rate ;
|
||||
psf->sf.frames = metadata->data.stream_info.total_samples ;
|
||||
diff --git a/src/sndfile.c b/src/sndfile.c
|
||||
index 41875610..e2a87be8 100644
|
||||
--- a/src/sndfile.c
|
||||
+++ b/src/sndfile.c
|
||||
@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] =
|
||||
{ SFE_FLAC_INIT_DECODER , "Error : problem with initialization of the flac decoder." },
|
||||
{ SFE_FLAC_LOST_SYNC , "Error : flac decoder lost sync." },
|
||||
{ SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." },
|
||||
+ { SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." },
|
||||
{ SFE_FLAC_UNKOWN_ERROR , "Error : unknown error in flac decoder." },
|
||||
|
||||
{ SFE_WVE_NOT_WVE , "Error : not a WVE file." },
|
|
@ -0,0 +1,25 @@
|
|||
From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
|
||||
From: Erik de Castro Lopo <erikd@mega-nerd.com>
|
||||
Date: Tue, 23 May 2017 20:15:24 +1000
|
||||
Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
|
||||
|
||||
Secunia Advisory SA76717.
|
||||
|
||||
Found by: Laurent Delosieres, Secunia Research at Flexera Software
|
||||
---
|
||||
src/aiff.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/aiff.c b/src/aiff.c
|
||||
index 5b5f9f53..45864b76 100644
|
||||
--- a/src/aiff.c
|
||||
+++ b/src/aiff.c
|
||||
@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
|
||||
psf_binheader_readf (psf, "j", dword - bytesread) ;
|
||||
|
||||
if (map_info->channel_map != NULL)
|
||||
- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
|
||||
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
|
||||
|
||||
free (psf->channel_map) ;
|
||||
|
|
@ -1,19 +1,16 @@
|
|||
Summary: Library for reading and writing sound files
|
||||
Name: libsndfile
|
||||
Version: 1.0.25
|
||||
Release: 20%{?dist}
|
||||
Version: 1.0.28
|
||||
Release: 3%{?dist}
|
||||
License: LGPLv2+ and GPLv2+ and BSD
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.mega-nerd.com/libsndfile/
|
||||
Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
|
||||
Patch0: %{name}-1.0.25-system-gsm.patch
|
||||
Patch0: libsndfile-1.0.25-system-gsm.patch
|
||||
Patch1: libsndfile-1.0.25-zerodivfix.patch
|
||||
Patch2: libsndfile-1.0.25-cve2014_9496.patch
|
||||
|
||||
# 2x from upstream, for <= 1.0.25, rhbz#1277899
|
||||
Patch3: libsndfile-1.0.25-d2a87385c1ca1d72918e9a2875d24f202a5093e8.patch
|
||||
Patch4: libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch
|
||||
|
||||
Patch2: revert.patch
|
||||
Patch3: libsndfile-1.0.28-flacbufovfl.patch
|
||||
Patch4: libsndfile-1.0.29-cve2017_6892.patch
|
||||
BuildRequires: alsa-lib-devel
|
||||
BuildRequires: flac-devel
|
||||
BuildRequires: libogg-devel
|
||||
|
@ -58,11 +55,11 @@ This package contains command line utilities for libsndfile.
|
|||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch0 -p1 -b .systemgsm
|
||||
%patch1 -p1 -b .zerodivfix
|
||||
%patch2 -p1 -b .cve2014_9496
|
||||
%patch3 -p1 -b .d2a87385c1ca1d72918e9a2875d24f202a5093e8
|
||||
%patch4 -p1 -b .53c9f0bcaf20203bb4ee56da760a6e5118e6f93b
|
||||
%patch2 -p1 -b .revert
|
||||
%patch3 -p1 -b .flacbufovfl
|
||||
%patch4 -p1 -b .cve2017_6892
|
||||
rm -r src/GSM610
|
||||
|
||||
%build
|
||||
|
@ -84,8 +81,9 @@ make %{?_smp_mflags}
|
|||
%install
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
rm -rf __docs
|
||||
cp -pR $RPM_BUILD_ROOT%{_docdir}/libsndfile1-dev/html __docs
|
||||
rm -rf $RPM_BUILD_ROOT%{_docdir}/libsndfile1-dev
|
||||
mkdir __docs
|
||||
cp -pR $RPM_BUILD_ROOT%{_docdir}/%{name}/* __docs
|
||||
rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
|
||||
find %{buildroot} -type f -name "*.la" -delete
|
||||
|
||||
# fix multilib issues
|
||||
|
@ -145,9 +143,10 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check
|
|||
%{_mandir}/man1/sndfile-metadata-get.1*
|
||||
%{_mandir}/man1/sndfile-metadata-set.1*
|
||||
%{_mandir}/man1/sndfile-play.1*
|
||||
%{_mandir}/man1/sndfile-salvage.1*
|
||||
|
||||
%files devel
|
||||
%doc __docs/* ChangeLog
|
||||
%doc __docs ChangeLog
|
||||
%{_includedir}/sndfile.h
|
||||
%{_includedir}/sndfile.hh
|
||||
%{_includedir}/sndfile-%{__isa_bits}.h
|
||||
|
@ -156,6 +155,23 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check
|
|||
|
||||
|
||||
%changelog
|
||||
* Wed Jun 21 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-3
|
||||
- fix buffer overflow in aiff (CVE-2017-6892,rhbz#1463328)
|
||||
|
||||
* Mon Jun 05 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-2
|
||||
- fix flac and pcm buffer overflows (CVE-2017-8361,CVE-2017-8362,CVE-2017-8363,CVE-2017-8365)
|
||||
|
||||
* Tue Apr 11 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-1
|
||||
- updated to 1.0.28
|
||||
- fix possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586)
|
||||
- fix possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
|
||||
|
||||
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.27-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Fri Nov 11 2016 Michal Hlavinka <mhlavink@redhat.com> - 1.0.27-1
|
||||
- updated to 1.0.27
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.25-20
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
--- libsndfile-1.0.28/src/rf64.c 2017-04-02 09:43:22.000000000 +0200
|
||||
+++ libsndfile-1.0.27/src/rf64.c 2016-04-01 23:08:53.000000000 +0200
|
||||
@@ -735,25 +734,27 @@ rf64_write_header (SF_PRIVATE *psf, int
|
||||
|
||||
#endif
|
||||
|
||||
- pad_size = psf->dataoffset - 16 - psf->header.indx ;
|
||||
- if (pad_size >= 0)
|
||||
- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ;
|
||||
+ if (psf->header.indx + 8 < psf->dataoffset)
|
||||
+ { /* Add PAD data if necessary. */
|
||||
+ int k = psf->dataoffset - 16 - psf->header.indx ;
|
||||
+ psf_binheader_writef (psf, "m4z", PAD_MARKER, k, make_size_t (k)) ;
|
||||
+ } ;
|
||||
|
||||
if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES))
|
||||
psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ;
|
||||
else
|
||||
psf_binheader_writef (psf, "m4", data_MARKER, 0xffffffff) ;
|
||||
|
||||
- psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ;
|
||||
+ psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ;
|
||||
if (psf->error)
|
||||
return psf->error ;
|
||||
|
||||
- if (has_data && psf->dataoffset != psf->header.indx)
|
||||
- { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ;
|
||||
+ if (has_data && psf->dataoffset != psf->header.indx)
|
||||
+ { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ;
|
||||
return psf->error = SFE_INTERNAL ;
|
||||
} ;
|
||||
|
||||
- psf->dataoffset = psf->header.indx ;
|
||||
+ psf->dataoffset = psf->header.indx ;
|
||||
|
||||
if (NOT (has_data))
|
||||
psf_fseek (psf, psf->dataoffset, SEEK_SET) ;
|
Loading…
Reference in New Issue