diff options
author | Maxin B. John <maxin.john@intel.com> | 2015-11-05 17:56:09 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-11-25 07:50:33 +0000 |
commit | 6c3f68039d104e23f1267dedfec4aad3fb9fb3ae (patch) | |
tree | 2379de6728a43a53e8b8ddb0ab2d3672cd991304 /meta/recipes-multimedia | |
parent | aa07eb161c229eef6b8852203103c18766e2e369 (diff) | |
download | poky-6c3f68039d104e23f1267dedfec4aad3fb9fb3ae.tar.gz |
libsndfile: fix CVE-2014-9756
Fix divide by zero bug (CVE-2014-9756)
(From OE-Core rev: f47cf07ab9d00ed7eddc8e867138481f7bd2bb7d)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r-- | meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch | 24 | ||||
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb | 1 |
2 files changed, 25 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch new file mode 100644 index 0000000000..b54b3ba669 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch | |||
@@ -0,0 +1,24 @@ | |||
1 | src/file_io.c : Prevent potential divide-by-zero. | ||
2 | |||
3 | Closes: https://github.com/erikd/libsndfile/issues/92 | ||
4 | |||
5 | Upstream-Status: Backport | ||
6 | |||
7 | Fixes CVE-2014-9756 | ||
8 | |||
9 | Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com> | ||
10 | Signed-off-by: Maxin B. John <maxin.john@intel.com> | ||
11 | --- | ||
12 | diff -Naur libsndfile-1.0.25-orig/src/file_io.c libsndfile-1.0.25/src/file_io.c | ||
13 | --- libsndfile-1.0.25-orig/src/file_io.c 2011-01-19 12:12:28.000000000 +0200 | ||
14 | +++ libsndfile-1.0.25/src/file_io.c 2015-11-04 15:02:04.337395618 +0200 | ||
15 | @@ -358,6 +358,9 @@ | ||
16 | { sf_count_t total = 0 ; | ||
17 | ssize_t count ; | ||
18 | |||
19 | + if (bytes == 0 || items == 0) | ||
20 | + return 0 ; | ||
21 | + | ||
22 | if (psf->virtual_io) | ||
23 | return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ; | ||
24 | |||
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb index 3e02f4ea78..be875c227b 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb | |||
@@ -9,6 +9,7 @@ PR = "r2" | |||
9 | SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ | 9 | SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ |
10 | file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \ | 10 | file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \ |
11 | file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \ | 11 | file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \ |
12 | file://libsndfile-fix-CVE-2014-9756.patch \ | ||
12 | " | 13 | " |
13 | 14 | ||
14 | SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2" | 15 | SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2" |