1 files changed, 32 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
new file mode 100644
index 0000000000..b0ff1a0885
--- /dev/null
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@
+From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 13 Jan 2022 16:45:59 +0800
+Subject: [PATCH] flac: Fix improper buffer reusing
+CVE: CVE-2021-4156.patch
+Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/flac.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/src/flac.c b/src/flac.c
+index 0be82ac..6548bba 100644
+--- a/src/flac.c
+++ b/src/flac.c
+@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+        /* Decode some more. */
+        while (pflac->pos < pflac->len)
+        {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
+               {       psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
+                       /* Current frame is busted, so NULL the pointer. */
+                       pflac->frame = NULL ;
+                        break ;
+                }
+                state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+                if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+                {       psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
+-- 
+2.17.1

diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..b0ff1a0885 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@
	1	From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
	2	From: Changqing Li <changqing.li@windriver.com>
	3	Date: Thu, 13 Jan 2022 16:45:59 +0800
	4	Subject: [PATCH] flac: Fix improper buffer reusing
	5
	6	CVE: CVE-2021-4156.patch
	7	Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
	8
	9	Signed-off-by: Changqing Li <changqing.li@windriver.com>
	10	---
	11	src/flac.c \| 4 ++++
	12	1 file changed, 4 insertions(+)
	13
	14	diff --git a/src/flac.c b/src/flac.c
	15	index 0be82ac..6548bba 100644
	16	--- a/src/flac.c
	17	+++ b/src/flac.c
	18	@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
	19	/* Decode some more. */
	20	while (pflac->pos < pflac->len)
	21	{ if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
	22	+ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
	23	+ /* Current frame is busted, so NULL the pointer. */
	24	+ pflac->frame = NULL ;
	25	break ;
	26	+ }
	27	state = FLAC__stream_decoder_get_state (pflac->fsd) ;
	28	if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
	29	{ psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
	30	--
	31	2.17.1
	32