mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
sox: patch CVE-2017-15642
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15642 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15642 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
@@ -0,0 +1,35 @@
|
|||||||
|
From eb9b33dd01ae7b3cf50894e7d5044fc2db183529 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mans Rullgard <mans@mansr.com>
|
||||||
|
Date: Mon, 20 Nov 2017 11:03:15 +0000
|
||||||
|
Subject: [PATCH] aiff: fix crash on empty comment chunk (CVE-2017-15642)
|
||||||
|
|
||||||
|
This fixes a use after free and double free if an empty comment
|
||||||
|
chunk follows a non-empty one.
|
||||||
|
|
||||||
|
CVE: CVE-2017-15642
|
||||||
|
Upstream-Status: Backport [https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2]
|
||||||
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||||
|
---
|
||||||
|
src/aiff.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/aiff.c b/src/aiff.c
|
||||||
|
index 240d2e1..11ddb54 100644
|
||||||
|
--- a/src/aiff.c
|
||||||
|
+++ b/src/aiff.c
|
||||||
|
@@ -62,7 +62,6 @@ int lsx_aiffstartread(sox_format_t * ft)
|
||||||
|
size_t ssndsize = 0;
|
||||||
|
char *annotation;
|
||||||
|
char *author;
|
||||||
|
- char *comment = NULL;
|
||||||
|
char *copyright;
|
||||||
|
char *nametext;
|
||||||
|
|
||||||
|
@@ -270,6 +269,7 @@ int lsx_aiffstartread(sox_format_t * ft)
|
||||||
|
free(annotation);
|
||||||
|
}
|
||||||
|
else if (strncmp(buf, "COMT", (size_t)4) == 0) {
|
||||||
|
+ char *comment = NULL;
|
||||||
|
rc = commentChunk(&comment, "Comment:", ft);
|
||||||
|
if (rc) {
|
||||||
|
/* Fail already called in function */
|
||||||
@@ -36,6 +36,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \
|
|||||||
file://CVE-2017-15370.patch \
|
file://CVE-2017-15370.patch \
|
||||||
file://CVE-2017-15371.patch \
|
file://CVE-2017-15371.patch \
|
||||||
file://CVE-2017-15372.patch \
|
file://CVE-2017-15372.patch \
|
||||||
|
file://CVE-2017-15642.patch \
|
||||||
"
|
"
|
||||||
SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
|
SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
|
||||||
SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
|
SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
|
||||||
|
|||||||
Reference in New Issue
Block a user