diff options
Diffstat (limited to 'meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch')
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch new file mode 100644 index 0000000000..e526e5a346 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch | |||
@@ -0,0 +1,37 @@ | |||
1 | From cd7da8dbf6ee4310d21d9e44b385d6797160d9e8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Erik de Castro Lopo <erikd@mega-nerd.com> | ||
3 | Date: Wed, 12 Apr 2017 20:19:34 +1000 | ||
4 | Subject: [PATCH] src/flac.c: Fix another memory leak | ||
5 | |||
6 | When the FLAC decoder was passed a malformed file, the associated | ||
7 | `FLAC__StreamDecoder` object was not getting released. | ||
8 | |||
9 | Closes: https://github.com/erikd/libsndfile/issues/233 | ||
10 | |||
11 | CVE: CVE-2017-8363 | ||
12 | |||
13 | Upstream-Status: Backport [https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8] | ||
14 | |||
15 | Signed-off-by: Jackie Huang <jackie.huang@windriver.com> | ||
16 | --- | ||
17 | src/flac.c | 4 +++- | ||
18 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
19 | |||
20 | diff --git a/src/flac.c b/src/flac.c | ||
21 | index 986a7b8..5a4f8c2 100644 | ||
22 | --- a/src/flac.c | ||
23 | +++ b/src/flac.c | ||
24 | @@ -841,7 +841,9 @@ flac_read_header (SF_PRIVATE *psf) | ||
25 | |||
26 | psf_log_printf (psf, "End\n") ; | ||
27 | |||
28 | - if (psf->error == 0) | ||
29 | + if (psf->error != 0) | ||
30 | + FLAC__stream_decoder_delete (pflac->fsd) ; | ||
31 | + else | ||
32 | { FLAC__uint64 position ; | ||
33 | |||
34 | FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ; | ||
35 | -- | ||
36 | 2.7.4 | ||
37 | |||