| author | Peter Marko <peter.marko@siemens.com> | 2025-03-16 23:53:54 +0100 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2025-03-16 16:35:00 -0700 |
| commit | 69bef92b56a7a757a563d1d4680f60548c24fe12 (patch) | |
| tree | 4b8c7c1a1306e911f3a6d24fc180b867e13640f4 | |
| parent | 59085af7b23cc99bef067197ba3f866b86f7f029 (diff) | |
| download | meta-openembedded-69bef92b56a7a757a563d1d4680f60548c24fe12.tar.gz | |
sox: patch CVE-2021-40426
Use patch from Debian:
https://salsa.debian.org/lts-team/packages/sox/-/blob/debian/14.4.2+git20190427-1+deb10u3/debian/patches/CVE-2021-40426.patch
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
| -rw-r--r-- | meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-40426.patch | 38 | ||||
| -rw-r--r-- | meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb | 1 |
2 files changed, 39 insertions, 0 deletions
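--- /dev/null
+++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2021-40426.patch
@@ -0,0 +1,38 @@
+From 25f686e0da423326a74fe16c603b6b6b75857fa4 Mon Sep 17 00:00:00 2001
+From: Helmut Grohne <helmut@subdivi.de>
+Date: Sun, 16 Mar 2025 20:07:19 +0100
+Subject: [PATCH] sphere: avoid integer underflow
+
+Source: https://salsa.debian.org/lts-team/packages/sox/-/blob/debian/14.4.2+git20190427-1+deb10u3/debian/patches/CVE-2021-40426.patch
+
+CVE: CVE-2021-40426
+Upstream-Status: Inactive-Upstream [lastrelease: 2015]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+src/sphere.c | 6 ++++--
+1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/sphere.c b/src/sphere.c
+index a3fd1c64..9544d160 100644
+--- a/src/sphere.c
++++ b/src/sphere.c
+@@ -63,7 +63,8 @@ static int start_read(sox_format_t * ft)
+return (SOX_EOF);
+}
+
+- header_size -= (strlen(buf) + 1);
++ bytes_read = strlen(buf);
++ header_size -= bytes_read >= header_size ? header_size : bytes_read + 1;
+
+while (strncmp(buf, "end_head", (size_t)8) != 0) {
+if (strncmp(buf, "sample_n_bytes", (size_t)14) == 0)
+@@ -105,7 +106,8 @@ static int start_read(sox_format_t * ft)
+return (SOX_EOF);
+}
+
+- header_size -= (strlen(buf) + 1);
++ bytes_read = strlen(buf);
++ header_size -= bytes_read >= header_size ? header_size : bytes_read + 1;
+}
+
+if (!bytes_per_sample)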
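Review bot: The clamp `header_size -= bytes_read >= header_size ? header_size : bytes_read + 1;` (used in both sphere.c hunks) stops the unsigned wrap, but it silently accepts a header line that overruns the declared header size: the counter is pinned to zero and parsing continues. The surrounding `while (strncmp(buf, "end_head", (size_t)8) != 0)` loop then keeps iterating with `header_size == 0`, and the read call it makes with that length is outside the hunk, so its behaviour for a zero length cannot be confirmed from here. Unless some legitimate file depends on the lenient behaviour, I would treat the overrun as a malformed header at both sites, e.g. `if (bytes_read >= header_size) return (SOX_EOF);` placed before the subtraction, with whatever cleanup the neighbouring `return (SOX_EOF)` path performs. A short comment such as `/* line consumed more than the declared header: clamp to avoid size_t wrap (CVE-2021-40426) */` would also explain the ternary to the next reader. start_read begins and ends outside both hunks.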
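--- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
+++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
@@ -32,6 +32,7 @@ SRC_URI = "git://git.code.sf.net/p/sox/code;protocol=https;branch=master \
 file://CVE-2021-3643_CVE-2021-23210.patch \
 file://CVE-2021-23159_CVE-2021-2317.patch \
 file://CVE-2021-33844.patch \
+file://CVE-2021-40426.patch \
 "
 
 # last release was in 2015, use latest hash from 2024-05-30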
