diff options
author | Vivek Kumbhar <vkumbhar@mvista.com> | 2023-12-14 16:55:42 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-12-21 05:17:55 -1000 |
commit | c7fbe91c2a2db78dd7ba44021ef972ec20da8b3a (patch) | |
tree | 048ec1ef05a1e6f042865cb0b795a7fde8b0a333 | |
parent | 3eda06c358c313368c25c99e6f8b2635ca4b4bd0 (diff) | |
download | poky-c7fbe91c2a2db78dd7ba44021ef972ec20da8b3a.tar.gz |
libsndfile: fix CVE-2021-4156 heap out-of-bounds read in src/flac.c in flac_buffer_copy
Upstream-Status: Backport from https://github.com/libsndfile/libsndfile/commit/ced91d7b971be6173b604154c39279ce90ad87cc
(From OE-Core rev: d922a288f79834d8f1120a4454b97803290e5c36)
Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch | 30 | ||||
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb | 1 |
2 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..f7ae82588f --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From ced91d7b971be6173b604154c39279ce90ad87cc Mon Sep 17 00:00:00 2001 | ||
2 | From: yuan <ssspeed00@gmail.com> | ||
3 | Date: Tue, 20 Apr 2021 16:16:32 +0800 | ||
4 | Subject: [PATCH] flac: Fix improper buffer reusing (#732) | ||
5 | |||
6 | Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/commit/ced91d7b971be6173b604154c39279ce90ad87cc] | ||
7 | CVE: CVE-2021-4156 | ||
8 | Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> | ||
9 | --- | ||
10 | src/flac.c | 4 ++++ | ||
11 | 1 file changed, 4 insertions(+) | ||
12 | |||
13 | diff --git a/src/flac.c b/src/flac.c | ||
14 | index 0be82ac..4fa5cfa 100644 | ||
15 | --- a/src/flac.c | ||
16 | +++ b/src/flac.c | ||
17 | @@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len) | ||
18 | /* Decode some more. */ | ||
19 | while (pflac->pos < pflac->len) | ||
20 | { if (FLAC__stream_decoder_process_single (pflac->fsd) == 0) | ||
21 | + { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ; | ||
22 | + /* Current frame is busted, so NULL the pointer. */ | ||
23 | + pflac->frame = NULL ; | ||
24 | break ; | ||
25 | + } ; | ||
26 | state = FLAC__stream_decoder_get_state (pflac->fsd) ; | ||
27 | if (state >= FLAC__STREAM_DECODER_END_OF_STREAM) | ||
28 | { psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ; | ||
29 | -- | ||
30 | 2.40.1 | ||
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 32b678ce90..fb7d94ab75 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb | |||
@@ -23,6 +23,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ | |||
23 | file://CVE-2021-3246_1.patch \ | 23 | file://CVE-2021-3246_1.patch \ |
24 | file://CVE-2021-3246_2.patch \ | 24 | file://CVE-2021-3246_2.patch \ |
25 | file://CVE-2022-33065.patch \ | 25 | file://CVE-2022-33065.patch \ |
26 | file://CVE-2021-4156.patch \ | ||
26 | " | 27 | " |
27 | 28 | ||
28 | SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" | 29 | SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" |