From e683dac7abaef619997a9f1610b374b3fde4dd82 Mon Sep 17 00:00:00 2001 From: "Maxin B. John" Date: Thu, 5 Nov 2015 17:56:09 +0200 Subject: libsndfile: fix CVE-2014-9756 Fix divide by zero bug (CVE-2014-9756) (From OE-Core master rev: f47cf07ab9d00ed7eddc8e867138481f7bd2bb7d) (From OE-Core rev: 353f6d9530e9545aee5c77de348abeee9002f046) Signed-off-by: Maxin B. John Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Robert Yang Signed-off-by: Richard Purdie --- .../files/libsndfile-fix-CVE-2014-9756.patch | 24 ++++++++++++++++++++++ .../libsndfile/libsndfile1_1.0.25.bb | 1 + 2 files changed, 25 insertions(+) create mode 100644 meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch (limited to 'meta/recipes-multimedia/libsndfile') diff --git a/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch new file mode 100644 index 0000000000..b54b3ba669 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch @@ -0,0 +1,24 @@ +src/file_io.c : Prevent potential divide-by-zero. + +Closes: https://github.com/erikd/libsndfile/issues/92 + +Upstream-Status: Backport + +Fixes CVE-2014-9756 + +Signed-off-by: Erik de Castro Lopo +Signed-off-by: Maxin B. John +--- +diff -Naur libsndfile-1.0.25-orig/src/file_io.c libsndfile-1.0.25/src/file_io.c +--- libsndfile-1.0.25-orig/src/file_io.c 2011-01-19 12:12:28.000000000 +0200 ++++ libsndfile-1.0.25/src/file_io.c 2015-11-04 15:02:04.337395618 +0200 +@@ -358,6 +358,9 @@ + { sf_count_t total = 0 ; + ssize_t count ; + ++ if (bytes == 0 || items == 0) ++ return 0 ; ++ + if (psf->virtual_io) + return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ; + diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb index 3e02f4ea78..be875c227b 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb @@ -9,6 +9,7 @@ PR = "r2" SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \ file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \ + file://libsndfile-fix-CVE-2014-9756.patch \ " SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2" -- cgit v1.2.3-54-g00ecf