libsndfile1: bump to version 1.0.31

It seems that the homepage has moved (for a while now) from http://www.mega-nerd.com/libsndfile/ to https://libsndfile.github.io/libsndfile/ On Github, the development group seems to include Erik de Castro Lopo (the original author of libsndfile1). Link: https://github.com/orgs/libsndfile/people All backported CVE patches are in version 1.0.31 (I've checked). The supported format page [1], mentions that Ogg/Opus is supported since 1.0.29, however that isn't currently added in this patch. And it may require libopus. And mp3 is supported at around version 1.1.0, but that version is in beta. This change focuses solely on updating to 1.0.31 and removing all backported patches. [1] https://libsndfile.github.io/libsndfile/formats.html (From OE-Core rev: 6e12ee5f7871150c11dac754145d146ed364b506) Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Alexandru Ardelean <ardeleanalex@gmail.com> 2022-02-24 17:30:33 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-02-25 12:41:24 +0000
commit: fd2c86b06963345683ac5dc4f47f9da8e0c8c69d (patch)
tree: e360ee3b3b03d5a3df55aec435b29b0d4b4f669f /meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch
parent: e62965346314544919e4a529ca860a242d76b303 (diff)
download: poky-fd2c86b06963345683ac5dc4f47f9da8e0c8c69d.tar.gz
1 files changed, 0 insertions, 59 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch
deleted file mode 100644
index 9ee7e46a6d..0000000000
--- a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From ef1dbb2df1c0e741486646de40bd638a9c4cd808 Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Fri, 14 Apr 2017 15:19:16 +1000
-Subject: [PATCH] src/flac.c: Fix a buffer read overflow
-A file (generated by a fuzzer) which increased the number of channels
-from one frame to the next could cause a read beyond the end of the
-buffer provided by libFLAC. Only option is to abort the read.
-Closes: https://github.com/erikd/libsndfile/issues/231
-CVE: CVE-2017-8362
-Upstream-Status: Backport [https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808]
-Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
- src/flac.c | 11 +++++++++--
- 1 file changed, 9 insertions(+), 2 deletions(-)
-diff --git a/src/flac.c b/src/flac.c
-index 5a4f8c2..e4f9aaa 100644
--- a/src/flac.c
-+++ b/src/flac.c
-@@ -169,6 +169,14 @@ flac_buffer_copy (SF_PRIVATE *psf)
-        const int32_t* const *buffer = pflac->wbuffer ;
-        unsigned i = 0, j, offset, channels, len ;
- 
-+       if (psf->sf.channels != (int) frame->header.channels)
-+       {       psf_log_printf (psf, "Error: FLAC frame changed from %d to %d channels\n"
-+                                                                       "Nothing to do but to error out.\n" ,
-+                                                                       psf->sf.channels, frame->header.channels) ;
-+               psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
-+               return 0 ;
-+               } ;
-+
-        /*
-        **      frame->header.blocksize is variable and we're using a constant blocksize
-        **      of FLAC__MAX_BLOCK_SIZE.
-@@ -202,7 +210,6 @@ flac_buffer_copy (SF_PRIVATE *psf)
-                return 0 ;
-                } ;
- 
-
-        len = SF_MIN (pflac->len, frame->header.blocksize) ;
- 
-        if (pflac->remain % channels != 0)
-@@ -436,7 +443,7 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_
-        {       case FLAC__METADATA_TYPE_STREAMINFO :
-                        if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
-                        {       psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
-                                                                       "Nothing to be but to error out.\n" ,
-+                                                                       "Nothing to do but to error out.\n" ,
-                                                                        psf->sf.channels, metadata->data.stream_info.channels) ;
-                                psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
-                                return ;
-- 
-2.7.4
author	Alexandru Ardelean <ardeleanalex@gmail.com>	2022-02-24 17:30:33 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-02-25 12:41:24 +0000
commit	fd2c86b06963345683ac5dc4f47f9da8e0c8c69d (patch)
tree	e360ee3b3b03d5a3df55aec435b29b0d4b4f669f /meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch
parent	e62965346314544919e4a529ca860a242d76b303 (diff)
download	poky-fd2c86b06963345683ac5dc4f47f9da8e0c8c69d.tar.gz

diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch deleted file mode 100644 index 9ee7e46a6d..0000000000 --- a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch +++ /dev/null
@@ -1,59 +0,0 @@
1	From ef1dbb2df1c0e741486646de40bd638a9c4cd808 Mon Sep 17 00:00:00 2001
2	From: Erik de Castro Lopo <erikd@mega-nerd.com>
3	Date: Fri, 14 Apr 2017 15:19:16 +1000
4	Subject: [PATCH] src/flac.c: Fix a buffer read overflow
5
6	A file (generated by a fuzzer) which increased the number of channels
7	from one frame to the next could cause a read beyond the end of the
8	buffer provided by libFLAC. Only option is to abort the read.
9
10	Closes: https://github.com/erikd/libsndfile/issues/231
11
12	CVE: CVE-2017-8362
13
14	Upstream-Status: Backport [https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808]
15
16	Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
17	---
18	src/flac.c \| 11 +++++++++--
19	1 file changed, 9 insertions(+), 2 deletions(-)
20
21	diff --git a/src/flac.c b/src/flac.c
22	index 5a4f8c2..e4f9aaa 100644
23	--- a/src/flac.c
24	+++ b/src/flac.c
25	@@ -169,6 +169,14 @@ flac_buffer_copy (SF_PRIVATE *psf)
26	const int32_t* const *buffer = pflac->wbuffer ;
27	unsigned i = 0, j, offset, channels, len ;
28
29	+ if (psf->sf.channels != (int) frame->header.channels)
30	+ { psf_log_printf (psf, "Error: FLAC frame changed from %d to %d channels\n"
31	+ "Nothing to do but to error out.\n" ,
32	+ psf->sf.channels, frame->header.channels) ;
33	+ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
34	+ return 0 ;
35	+ } ;
36	+
37	/*
38	** frame->header.blocksize is variable and we're using a constant blocksize
39	** of FLAC__MAX_BLOCK_SIZE.
40	@@ -202,7 +210,6 @@ flac_buffer_copy (SF_PRIVATE *psf)
41	return 0 ;
42	} ;
43
44	-
45	len = SF_MIN (pflac->len, frame->header.blocksize) ;
46
47	if (pflac->remain % channels != 0)
48	@@ -436,7 +443,7 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_
49	{ case FLAC__METADATA_TYPE_STREAMINFO :
50	if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
51	{ psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
52	- "Nothing to be but to error out.\n" ,
53	+ "Nothing to do but to error out.\n" ,
54	psf->sf.channels, metadata->data.stream_info.channels) ;
55	psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
56	return ;
57	--
58	2.7.4
59