[arch-commits] CVS update of extra/lib/libsndfile (PKGBUILD flac-buffer-overflow.patch)
Tobias Powalowski
tpowa at archlinux.org
Sun Sep 30 11:09:36 UTC 2007
Date: Sunday, September 30, 2007 @ 07:09:36
Author: tpowa
Path: /home/cvs-extra/extra/lib/libsndfile
Added: flac-buffer-overflow.patch (1.1)
Modified: PKGBUILD (1.10 -> 1.11)
'upgpgk: added security fix'
----------------------------+
PKGBUILD | 14 +++++++++-----
flac-buffer-overflow.patch | 40 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 49 insertions(+), 5 deletions(-)
Index: extra/lib/libsndfile/PKGBUILD
diff -u extra/lib/libsndfile/PKGBUILD:1.10 extra/lib/libsndfile/PKGBUILD:1.11
--- extra/lib/libsndfile/PKGBUILD:1.10 Sun Mar 11 04:06:10 2007
+++ extra/lib/libsndfile/PKGBUILD Sun Sep 30 07:09:36 2007
@@ -1,23 +1,27 @@
-# $Id: PKGBUILD,v 1.10 2007/03/11 08:06:10 tpowa Exp $
+# $Id: PKGBUILD,v 1.11 2007/09/30 11:09:36 tpowa Exp $
# Maintainer: Arjan Timmerman <arjan at archlinux.org>
# Contributor: Tom Newsom <Jeepster at gmx.co.uk>
pkgname=libsndfile
pkgver=1.0.17
-pkgrel=1
-options="NOLIBTOOL"
+pkgrel=2
+options=(!libtool)
pkgdesc="a C library for reading and writing files containing sampled sound"
arch=(i686 x86_64)
url="http://www.mega-nerd.com/libsndfile"
depends=('alsa-lib' 'flac>=1.1.4')
-source=(http://www.mega-nerd.com/libsndfile/$pkgname-$pkgver.tar.gz flac-1.1.4.patch)
+source=(http://www.mega-nerd.com/libsndfile/$pkgname-$pkgver.tar.gz flac-1.1.4.patch flac-buffer-overflow.patch)
md5sums=('2d126c35448503f6dbe33934d9581f6b' '87efbec75b3321e4a015ad2dfc3ee965')
build() {
cd $startdir/src/$pkgname-$pkgver
- patch -Np1 -i ../flac-1.1.4.patch
+ patch -Np1 -i ../flac-1.1.4.patch || return 1
+ patch -Np1 -i ../flac-buffer-overflow.patch || return 1
aclocal
automake
./configure --prefix=/usr --disable-sqlite
make || return 1
make DESTDIR=$startdir/pkg install
}
+md5sums=('2d126c35448503f6dbe33934d9581f6b'
+ '87efbec75b3321e4a015ad2dfc3ee965'
+ '6cd2ad05491221f1d3a0e3e5131a5642')
Index: extra/lib/libsndfile/flac-buffer-overflow.patch
diff -u /dev/null extra/lib/libsndfile/flac-buffer-overflow.patch:1.1
--- /dev/null Sun Sep 30 07:09:36 2007
+++ extra/lib/libsndfile/flac-buffer-overflow.patch Sun Sep 30 07:09:36 2007
@@ -0,0 +1,40 @@
+Index: libsndfile-1.0.17/src/flac.c
+===================================================================
+--- libsndfile-1.0.17.orig/src/flac.c
++++ libsndfile-1.0.17/src/flac.c
+@@ -57,7 +57,7 @@ flac_open (SF_PRIVATE *psf)
+ ** Private static functions.
+ */
+
+-#define ENC_BUFFER_SIZE 4096
++#define ENC_BUFFER_SIZE 8192
+
+ typedef enum
+ { PFLAC_PCM_SHORT = 0,
+@@ -202,6 +202,17 @@ flac_buffer_copy (SF_PRIVATE *psf)
+ const FLAC__int32* const *buffer = pflac->wbuffer ;
+ unsigned i = 0, j, offset ;
+
++ /*
++ ** frame->header.blocksize is variable and we're using a constant blocksize
++ ** of FLAC__MAX_BLOCK_SIZE.
++ ** Check our assumptions here.
++ */
++ if (frame->header.blocksize > FLAC__MAX_BLOCK_SIZE)
++ { psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n", __func__, __LINE__, frame->header.blocksize, FLAC__MAX_BLOCK_SIZE) ;
++ psf->error = SFE_INTERNAL ;
++ return 0 ;
++ } ;
++
+ if (pflac->ptr == NULL)
+ { /*
+ ** Not sure why this code is here and not elsewhere.
+@@ -210,7 +221,7 @@ flac_buffer_copy (SF_PRIVATE *psf)
+ pflac->bufferbackup = SF_TRUE ;
+ for (i = 0 ; i < frame->header.channels ; i++)
+ { if (pflac->rbuffer [i] == NULL)
+- pflac->rbuffer [i] = calloc (frame->header.blocksize, sizeof (FLAC__int32)) ;
++ pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (FLAC__int32)) ;
+ memcpy (pflac->rbuffer [i], buffer [i], frame->header.blocksize * sizeof (FLAC__int32)) ;
+ } ;
+ pflac->wbuffer = (const FLAC__int32* const*) pflac->rbuffer ;
More information about the arch-commits
mailing list