diff options
| author |   Vijay Anusuri <vanusuri@mvista.com> | 2023-12-19 09:45:43 +0530 |
|---|---|---|
| committer |   Steve Sakoman <steve@sakoman.com> | 2023-12-21 04:09:46 -1000 |
| commit | 9b2cd2d5e0dac297b3a1779e6720e0ee2a3de168 (patch) | |
| tree | ea3492fc1859b09761c1dd424cc58983a4a3cf13 | |
| parent | 7bf11847b18d2f9a7e5467d686af817cb504b206 (diff) | |
| download | openembedded-core-contrib-9b2cd2d5e0dac297b3a1779e6720e0ee2a3de168.tar.gz | |
flac: Backport fix for CVE-2021-0561
Upstream-Status: Backport [https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be]
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-multimedia/flac/files/CVE-2021-0561.patch | 34 | ||||
| -rw-r--r-- | meta/recipes-multimedia/flac/flac_1.3.3.bb | 1 |
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/flac/files/CVE-2021-0561.patch b/meta/recipes-multimedia/flac/files/CVE-2021-0561.patch new file mode 100644 index 0000000000..e19833a5ad --- /dev/null +++ b/meta/recipes-multimedia/flac/files/CVE-2021-0561.patch @@ -0,0 +1,34 @@ +From e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be Mon Sep 17 00:00:00 2001 +From: Neelkamal Semwal <neelkamal.semwal@ittiam.com> +Date: Fri, 18 Dec 2020 22:28:36 +0530 +Subject: [PATCH] libFlac: Exit at EOS in verify mode + +When verify mode is enabled, once decoder flags end of stream, +encode processing is considered complete. + +CVE-2021-0561 + +Signed-off-by: Ralph Giles <giles@thaumas.net> + +Upstream-Status: Backport [https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be] +CVE: CVE-2021-0561 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + src/libFLAC/stream_encoder.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/libFLAC/stream_encoder.c b/src/libFLAC/stream_encoder.c +index 4c91247fe8..7109802c27 100644 +--- a/src/libFLAC/stream_encoder.c ++++ b/src/libFLAC/stream_encoder.c +@@ -2610,7 +2610,9 @@ FLAC__bool write_bitbuffer_(FLAC__StreamEncoder *encoder, uint32_t samples, FLAC + encoder->private_->verify.needs_magic_hack = true; + } + else { +- if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder)) { ++ if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder) ++ || (!is_last_block ++ && (FLAC__stream_encoder_get_verify_decoder_state(encoder) == FLAC__STREAM_DECODER_END_OF_STREAM))) { + FLAC__bitwriter_release_buffer(encoder->private_->frame); + FLAC__bitwriter_clear(encoder->private_->frame); + if(encoder->protected_->state != FLAC__STREAM_ENCODER_VERIFY_MISMATCH_IN_AUDIO_DATA) diff --git a/meta/recipes-multimedia/flac/flac_1.3.3.bb b/meta/recipes-multimedia/flac/flac_1.3.3.bb index ca04f36d1a..e593727ac8 100644 --- a/meta/recipes-multimedia/flac/flac_1.3.3.bb +++ b/meta/recipes-multimedia/flac/flac_1.3.3.bb @@ -16,6 +16,7 @@ DEPENDS = "libogg" SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \ file://CVE-2020-22219.patch \ + file://CVE-2021-0561.patch \ " SRC_URI[md5sum] = "26703ed2858c1fc9ffc05136d13daa69" |