diff options
author | Peter Marko <peter.marko@siemens.com> | 2024-12-27 11:56:11 +0100 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2024-12-27 09:21:44 -0800 |
commit | 634cbcb91c3ab7154e0cda707663a1e4aa500f4a (patch) | |
tree | bbfe255d7768ffbc64125089f0e86aaa86e41b41 | |
parent | 74cda1df0ead2515e8454f1054708132575ae1e3 (diff) | |
download | meta-openembedded-634cbcb91c3ab7154e0cda707663a1e4aa500f4a.tar.gz |
audiofile: fix multiple CVEs
CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
Use patch from buildroot:
https://github.com/buildroot/buildroot/commit/cc00bde57fc20d11f8fa4e8ec5f193c091714c55
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-rw-r--r-- | meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb | 1 | ||||
-rw-r--r-- | meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch | 45 |
2 files changed, 46 insertions, 0 deletions
diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index d7181e7b5..2c690437c 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb | |||
@@ -13,6 +13,7 @@ SRC_URI = " \ | |||
13 | file://0001-fix-negative-shift-constants.patch \ | 13 | file://0001-fix-negative-shift-constants.patch \ |
14 | file://0002-fix-build-on-gcc6.patch \ | 14 | file://0002-fix-build-on-gcc6.patch \ |
15 | file://0003-fix-CVE-2015-7747.patch \ | 15 | file://0003-fix-CVE-2015-7747.patch \ |
16 | file://0004-Always-check-the-number-of-coefficients.patch \ | ||
16 | " | 17 | " |
17 | SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" | 18 | SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" |
18 | 19 | ||
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch new file mode 100644 index 000000000..282f4c01b --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch | |||
@@ -0,0 +1,45 @@ | |||
1 | From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Antonio Larrosa <larrosa@kde.org> | ||
3 | Date: Mon, 6 Mar 2017 12:51:22 +0100 | ||
4 | Subject: [PATCH] Always check the number of coefficients | ||
5 | |||
6 | When building the library with NDEBUG, asserts are eliminated | ||
7 | so it's better to always check that the number of coefficients | ||
8 | is inside the array range. | ||
9 | |||
10 | This fixes the 00191-audiofile-indexoob issue in #41 | ||
11 | |||
12 | Signed-off-by: Peter Korsgaard <peter@korsgaard.com> | ||
13 | |||
14 | CVE: CVE-2017-6827 | ||
15 | CVE: CVE-2017-6828 | ||
16 | CVE: CVE-2017-6832 | ||
17 | CVE: CVE-2017-6833 | ||
18 | CVE: CVE-2017-6835 | ||
19 | CVE: CVE-2017-6837 | ||
20 | Upstream-Status: Inactive-Upstream [lastrelease: 2013] | ||
21 | Signed-off-by: Peter Marko <peter.marko@siemens.com> | ||
22 | --- | ||
23 | libaudiofile/WAVE.cpp | 6 ++++++ | ||
24 | 1 file changed, 6 insertions(+) | ||
25 | |||
26 | diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp | ||
27 | index 0e81cf7..61f9541 100644 | ||
28 | --- a/libaudiofile/WAVE.cpp | ||
29 | +++ b/libaudiofile/WAVE.cpp | ||
30 | @@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) | ||
31 | |||
32 | /* numCoefficients should be at least 7. */ | ||
33 | assert(numCoefficients >= 7 && numCoefficients <= 255); | ||
34 | + if (numCoefficients < 7 || numCoefficients > 255) | ||
35 | + { | ||
36 | + _af_error(AF_BAD_HEADER, | ||
37 | + "Bad number of coefficients"); | ||
38 | + return AF_FAIL; | ||
39 | + } | ||
40 | |||
41 | m_msadpcmNumCoefficients = numCoefficients; | ||
42 | |||
43 | -- | ||
44 | 2.11.0 | ||
45 | |||