mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 16:27:27 +00:00
sox: patch CVE-2017-15370
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15370 Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-15370 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
@@ -0,0 +1,29 @@
|
|||||||
|
From cd7a008958d208345de04c7b6306c79a8a933f32 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mans Rullgard <mans@mansr.com>
|
||||||
|
Date: Sun, 5 Nov 2017 16:21:23 +0000
|
||||||
|
Subject: [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input
|
||||||
|
(CVE-2017-15370)
|
||||||
|
|
||||||
|
Add the same check bad block size as was done for MS adpcm in commit
|
||||||
|
f39c574b ("More checks for invalid MS ADPCM blocks").
|
||||||
|
|
||||||
|
CVE: CVE-2017-15370
|
||||||
|
Upstream-Status: Backport [https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e]
|
||||||
|
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
|
||||||
|
---
|
||||||
|
src/wav.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/wav.c b/src/wav.c
|
||||||
|
index eca1cde..fad334c 100644
|
||||||
|
--- a/src/wav.c
|
||||||
|
+++ b/src/wav.c
|
||||||
|
@@ -127,7 +127,7 @@ static unsigned short ImaAdpcmReadBlock(sox_format_t * ft)
|
||||||
|
/* work with partial blocks. Specs say it should be null */
|
||||||
|
/* padded but I guess this is better than trailing quiet. */
|
||||||
|
samplesThisBlock = lsx_ima_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t) 0);
|
||||||
|
- if (samplesThisBlock == 0)
|
||||||
|
+ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock)
|
||||||
|
{
|
||||||
|
lsx_warn("Premature EOF on .wav input file");
|
||||||
|
return 0;
|
||||||
@@ -33,6 +33,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \
|
|||||||
file://CVE-2017-11332.patch \
|
file://CVE-2017-11332.patch \
|
||||||
file://CVE-2017-11358.patch \
|
file://CVE-2017-11358.patch \
|
||||||
file://CVE-2017-11359.patch \
|
file://CVE-2017-11359.patch \
|
||||||
|
file://CVE-2017-15370.patch \
|
||||||
"
|
"
|
||||||
SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
|
SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
|
||||||
SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
|
SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
|
||||||
|
|||||||
Reference in New Issue
Block a user