libsndfile: fix CVE-2014-9756

Fix divide by zero bug (CVE-2014-9756) (From OE-Core master rev: f47cf07ab9d00ed7eddc8e867138481f7bd2bb7d) (From OE-Core rev: 353f6d9530e9545aee5c77de348abeee9002f046) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Maxin B. John <maxin.john@intel.com> 2015-11-05 17:56:09 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-12-08 10:27:14 +0000
commit: e683dac7abaef619997a9f1610b374b3fde4dd82 (patch)
tree: 240b0ac3f0164ccfd0841f9a8ecf37df8277972f /meta/recipes-multimedia
parent: 092757ec5bc54d38f5a479f782c886bddd8f30c3 (diff)
download: poky-e683dac7abaef619997a9f1610b374b3fde4dd82.tar.gz
2 files changed, 25 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch
new file mode 100644
index 0000000000..b54b3ba669
--- /dev/null
+++ b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch
@@ -0,0 +1,24 @@
+src/file_io.c : Prevent potential divide-by-zero.
+Closes: https://github.com/erikd/libsndfile/issues/92
+Upstream-Status: Backport
+Fixes CVE-2014-9756
+Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
+---
+diff -Naur libsndfile-1.0.25-orig/src/file_io.c libsndfile-1.0.25/src/file_io.c
+--- libsndfile-1.0.25-orig/src/file_io.c        2011-01-19 12:12:28.000000000 +0200
+++ libsndfile-1.0.25/src/file_io.c     2015-11-04 15:02:04.337395618 +0200
+@@ -358,6 +358,9 @@
+ {      sf_count_t total = 0 ;
+        ssize_t count ;
+ 
+    if (bytes == 0 || items == 0)
+        return 0 ;
+
+        if (psf->virtual_io)
+                return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ;
+ 
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb
index 3e02f4ea78..be875c227b 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb
@@ -9,6 +9,7 @@ PR = "r2"
 SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
           file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \
           file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \
+           file://libsndfile-fix-CVE-2014-9756.patch \
 "
 SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2"
author	Maxin B. John <maxin.john@intel.com>	2015-11-05 17:56:09 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-12-08 10:27:14 +0000
commit	e683dac7abaef619997a9f1610b374b3fde4dd82 (patch)
tree	240b0ac3f0164ccfd0841f9a8ecf37df8277972f /meta/recipes-multimedia
parent	092757ec5bc54d38f5a479f782c886bddd8f30c3 (diff)
download	poky-e683dac7abaef619997a9f1610b374b3fde4dd82.tar.gz

diff --git a/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch new file mode 100644 index 0000000000..b54b3ba669 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch
@@ -0,0 +1,24 @@
		1	src/file_io.c : Prevent potential divide-by-zero.
		2
		3	Closes: https://github.com/erikd/libsndfile/issues/92
		4
		5	Upstream-Status: Backport
		6
		7	Fixes CVE-2014-9756
		8
		9	Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
		10	Signed-off-by: Maxin B. John <maxin.john@intel.com>
		11	---
		12	diff -Naur libsndfile-1.0.25-orig/src/file_io.c libsndfile-1.0.25/src/file_io.c
		13	--- libsndfile-1.0.25-orig/src/file_io.c 2011-01-19 12:12:28.000000000 +0200
		14	+++ libsndfile-1.0.25/src/file_io.c 2015-11-04 15:02:04.337395618 +0200
		15	@@ -358,6 +358,9 @@
		16	{ sf_count_t total = 0 ;
		17	ssize_t count ;
		18
		19	+ if (bytes == 0 \|\| items == 0)
		20	+ return 0 ;
		21	+
		22	if (psf->virtual_io)
		23	return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ;
		24


diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb index 3e02f4ea78..be875c227b 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb
@@ -9,6 +9,7 @@ PR = "r2"
9	SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \	9	SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
10	file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \	10	file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \
11	file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \	11	file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \
		12	file://libsndfile-fix-CVE-2014-9756.patch \
12	"	13	"
13		14
14	SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2"	15	SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2"