diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2019-05-01 23:11:41 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2019-05-01 23:11:41 +0200 |
| commit | 3b458d5462e6bbd852c2dc5c6670d5655abf53f5 (patch) | |
| tree | 4f3ccec0de1c355134369333c17e948e3258d546 /gnu/packages/patches/soundtouch-CVE-2018-1000223.patch | |
| parent | 2ca3fdc2db1aef96fbf702a2f26f5e18ce832038 (diff) | |
| parent | 14da3daafc8dd92fdabd3367694c930440fd72cb (diff) | |
| download | guix-3b458d5462e6bbd852c2dc5c6670d5655abf53f5.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/soundtouch-CVE-2018-1000223.patch')
| -rw-r--r-- | gnu/packages/patches/soundtouch-CVE-2018-1000223.patch | 143 |
1 files changed, 0 insertions, 143 deletions
diff --git a/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch b/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch deleted file mode 100644 index 961a183565..0000000000 --- a/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch +++ /dev/null @@ -1,143 +0,0 @@ -Fix CVE-2018-1000223: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000223 -https://gitlab.com/soundtouch/soundtouch/issues/6 - -Patches copied from upstream source repository: - -https://gitlab.com/soundtouch/soundtouch/commit/9e02d9b04fda6c1f44336ff00bb5af1e2ffc039e -https://gitlab.com/soundtouch/soundtouch/commit/e0240689056e4182fffdc2a16aa6e3425a15e275 -https://gitlab.com/soundtouch/soundtouch/commit/46531e5b92dd80dd9a7947463d6224fc7cb21967 - -From 9e02d9b04fda6c1f44336ff00bb5af1e2ffc039e Mon Sep 17 00:00:00 2001 -From: oparviainen <oparviai@iki.fi> -Date: Sun, 12 Aug 2018 20:24:37 +0300 -Subject: [PATCH] Added minimum size check for WAV header block lengh values - ---- - source/SoundStretch/WavFile.cpp | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 7e7ade2..68818c9 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -530,7 +530,11 @@ int WavInFile::readHeaderBlock() - // read length of the format field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int format_len; -+ _swap32(nLen); -+ -+ // verify that header length isn't smaller than expected -+ if (nLen < sizeof(header.format) - 8) return -1; -+ - header.format.format_len = nLen; - - // calculate how much length differs from expected -@@ -572,6 +576,10 @@ int WavInFile::readHeaderBlock() - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary - _swap32(nLen); // int fact_len; -+ -+ // verify that fact length isn't smaller than expected -+ if (nLen < sizeof(header.fact) - 8) return -1; -+ - header.fact.fact_len = nLen; - - // calculate how much length differs from expected --- -2.18.0 - -From e0240689056e4182fffdc2a16aa6e3425a15e275 Mon Sep 17 00:00:00 2001 -From: oparviainen <oparviai@iki.fi> -Date: Mon, 13 Aug 2018 19:16:16 +0300 -Subject: [PATCH] Fixed WavFile header/fact not-too-small check - ---- - source/SoundStretch/WavFile.cpp | 22 +++++++++++----------- - 1 file changed, 11 insertions(+), 11 deletions(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 4af7a4c..3421bca 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -518,13 +518,13 @@ int WavInFile::readHeaderBlock() - // swap byte order if necessary - _swap32(nLen); - -- // verify that header length isn't smaller than expected -- if (nLen < sizeof(header.format) - 8) return -1; -+ // calculate how much length differs from expected -+ nDump = nLen - ((int)sizeof(header.format) - 8); - -- header.format.format_len = nLen; -+ // verify that header length isn't smaller than expected structure -+ if (nDump < 0) return -1; - -- // calculate how much length differs from expected -- nDump = nLen - ((int)sizeof(header.format) - 8); -+ header.format.format_len = nLen; - - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) -@@ -561,16 +561,16 @@ int WavInFile::readHeaderBlock() - // read length of the fact field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int fact_len; -- -- // verify that fact length isn't smaller than expected -- if (nLen < sizeof(header.fact) - 8) return -1; -- -- header.fact.fact_len = nLen; -+ _swap32(nLen); - - // calculate how much length differs from expected - nDump = nLen - ((int)sizeof(header.fact) - 8); - -+ // verify that fact length isn't smaller than expected structure -+ if (nDump < 0) return -1; -+ -+ header.fact.fact_len = nLen; -+ - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) - { --- -2.18.0 - -From 46531e5b92dd80dd9a7947463d6224fc7cb21967 Mon Sep 17 00:00:00 2001 -From: olli <oparviai@iki.fi> -Date: Mon, 13 Aug 2018 19:42:58 +0300 -Subject: [PATCH] Improved WavFile header/fact not-too-small check - ---- - source/SoundStretch/WavFile.cpp | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 3421bca..9d90b8a 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -522,7 +522,7 @@ int WavInFile::readHeaderBlock() - nDump = nLen - ((int)sizeof(header.format) - 8); - - // verify that header length isn't smaller than expected structure -- if (nDump < 0) return -1; -+ if ((nLen < 0) || (nDump < 0)) return -1; - - header.format.format_len = nLen; - -@@ -567,7 +567,7 @@ int WavInFile::readHeaderBlock() - nDump = nLen - ((int)sizeof(header.fact) - 8); - - // verify that fact length isn't smaller than expected structure -- if (nDump < 0) return -1; -+ if ((nLen < 0) || (nDump < 0)) return -1; - - header.fact.fact_len = nLen; - --- -2.18.0 - |