diff options
author | Alexandru Ardelean <ardeleanalex@gmail.com> | 2022-02-24 17:30:33 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-25 12:39:00 +0000 |
commit | 6e12ee5f7871150c11dac754145d146ed364b506 (patch) | |
tree | 5d2ab63ce38b94ea6b821abe4929a593a09b343d /meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch | |
parent | 7fbab1aefc127f0e1834f51a8a793b0d7e7b4f07 (diff) | |
download | openembedded-core-contrib-6e12ee5f7871150c11dac754145d146ed364b506.tar.gz |
libsndfile1: bump to version 1.0.31
It seems that the homepage has moved (for a while now) from
http://www.mega-nerd.com/libsndfile/
to
https://libsndfile.github.io/libsndfile/
On Github, the development group seems to include Erik de Castro Lopo (the
original author of libsndfile1).
Link: https://github.com/orgs/libsndfile/people
All backported CVE patches are in version 1.0.31 (I've checked).
The supported format page [1], mentions that Ogg/Opus is supported since
1.0.29, however that isn't currently added in this patch. And it may
require libopus.
And mp3 is supported at around version 1.1.0, but that version is in beta.
This change focuses solely on updating to 1.0.31 and removing all
backported patches.
[1] https://libsndfile.github.io/libsndfile/formats.html
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch')
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch deleted file mode 100644 index ab37211399..0000000000 --- a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2019-3832.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 43886efc408c21e1e329086ef70c88860310f25b Mon Sep 17 00:00:00 2001 -From: Emilio Pozuelo Monfort <pochu27@gmail.com> -Date: Tue, 5 Mar 2019 11:27:17 +0100 -Subject: [PATCH] wav_write_header: don't read past the array end - -CVE-2018-19758 wasn't entirely fixed in the fix, so fix it harder. - -CVE: CVE-2019-3832 -Upstream-Status: Backport [7408c4c788ce047d4e652b60a04e7796bcd7267e] -Signed-off-by: Ross Burton <ross.burton@intel.com> - -If loop_count is bigger than the array, truncate it to the array -length (and not to 32k). - -CVE-2019-3832 - ---- - src/wav.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/src/wav.c b/src/wav.c -index daae3cc..8851549 100644 ---- a/src/wav.c -+++ b/src/wav.c -@@ -1094,8 +1094,10 @@ wav_write_header (SF_PRIVATE *psf, int calc_length) - psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */ - psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ; - -- /* Loop count is signed 16 bit number so we limit it range to something sensible. */ -- psf->instrument->loop_count &= 0x7fff ; -+ /* Make sure we don't read past the loops array end. */ -+ if (psf->instrument->loop_count > ARRAY_LEN (psf->instrument->loops)) -+ psf->instrument->loop_count = ARRAY_LEN (psf->instrument->loops) ; -+ - for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) - { int type ; - |