libsndfile1: CVE-2018-13139

A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in https://github.com/erikd/libsndfile/issues/397 (From OE-Core rev: 6b5a9078a7c5035590ee4dc2e23582da94d4a104) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-06-04 14:09:47 +00:00 · 2018-10-10 09:15:53 +08:00
parent b235f70712
commit f76e2655d4
2 changed files with 36 additions and 0 deletions
@@ -0,0 +1,35 @@
 From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001
 From: Changqing Li <changqing.li@windriver.com>
 Date: Wed, 10 Oct 2018 08:59:30 +0800
 Subject: [PATCH] libsndfile1: patch for CVE-2018-13139
 Upstream-Status: Backport [https://github.com/bwarden/libsndfile/
 commit/df18323c622b54221ee7ace74b177cdcccc152d7]
 CVE: CVE-2018-13139
 Signed-off-by: Changqing Li <changqing.li@windriver.com>
 ---
 programs/sndfile-deinterleave.c | 6 ++++++
 1 file changed, 6 insertions(+)
 diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
 index e27593e..721bee7 100644
 --- a/programs/sndfile-deinterleave.c
 +++ b/programs/sndfile-deinterleave.c
@@ -89,6 +89,12 @@ main (int argc, char **argv)
 		exit (1) ;
 		} ;
 +	if (sfinfo.channels > MAX_CHANNELS)
 +	{	printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n",
 +			argv [1], sfinfo.channels, MAX_CHANNELS) ;
 +		exit (1) ;
 +		} ;
 +
 	state.channels = sfinfo.channels ;
 	sfinfo.channels = 1 ;
 -- 
 2.7.4
@@ -12,6 +12,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
           file://CVE-2017-8363.patch \
           file://CVE-2017-14245-14246.patch \
           file://CVE-2017-14634.patch \
           file://CVE-2018-13139.patch \
          "
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"