diff options
author | Kai Kang <kai.kang@windriver.com> | 2022-01-17 00:23:58 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-01-17 11:49:12 +0000 |
commit | 310fe1261d273b58eb8bc0f7ab839c78ddfad245 (patch) | |
tree | c33779e950fa482483cbefd925a31624ec3eb7d3 /meta/recipes-multimedia | |
parent | 63099553f607b34732ad0903651cf97fbebdc46f (diff) | |
download | poky-310fe1261d273b58eb8bc0f7ab839c78ddfad245.tar.gz |
speex: fix CVE-2020-23903
Backport patch to fix CVE-2020-23903.
CVE: CVE-2020-23903
(From OE-Core rev: b8f56e5e9eef32c1e01742f913e205d93548de1f)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r-- | meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch | 30 | ||||
-rw-r--r-- | meta/recipes-multimedia/speex/speex_1.2.0.bb | 4 |
2 files changed, 33 insertions, 1 deletions
diff --git a/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch new file mode 100644 index 0000000000..eb16e95ffc --- /dev/null +++ b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | Backport patch to fix CVE-2020-23903. | ||
2 | |||
3 | CVE: CVE-2020-23903 | ||
4 | Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84] | ||
5 | |||
6 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
7 | |||
8 | From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001 | ||
9 | From: Tristan Matthews <tmatth@videolan.org> | ||
10 | Date: Mon, 13 Jul 2020 23:25:03 -0400 | ||
11 | Subject: [PATCH] wav_io: guard against invalid channel numbers | ||
12 | |||
13 | Fixes #13 | ||
14 | --- | ||
15 | src/wav_io.c | 2 +- | ||
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/src/wav_io.c b/src/wav_io.c | ||
19 | index b5183015..09d62eb0 100644 | ||
20 | --- a/src/wav_io.c | ||
21 | +++ b/src/wav_io.c | ||
22 | @@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32 | ||
23 | stmp = le_short(stmp); | ||
24 | *channels = stmp; | ||
25 | |||
26 | - if (stmp>2) | ||
27 | + if (stmp>2 || stmp<1) | ||
28 | { | ||
29 | fprintf (stderr, "Only mono and (intensity) stereo supported\n"); | ||
30 | return -1; | ||
diff --git a/meta/recipes-multimedia/speex/speex_1.2.0.bb b/meta/recipes-multimedia/speex/speex_1.2.0.bb index 3a0911d6f8..ea475f0f1b 100644 --- a/meta/recipes-multimedia/speex/speex_1.2.0.bb +++ b/meta/recipes-multimedia/speex/speex_1.2.0.bb | |||
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \ | |||
7 | file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50" | 7 | file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50" |
8 | DEPENDS = "libogg speexdsp" | 8 | DEPENDS = "libogg speexdsp" |
9 | 9 | ||
10 | SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz" | 10 | SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \ |
11 | file://CVE-2020-23903.patch \ | ||
12 | " | ||
11 | UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar" | 13 | UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar" |
12 | 14 | ||
13 | SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c" | 15 | SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c" |