diff options
-rw-r--r-- | gnu/local.mk | 2 | ||||
-rw-r--r-- | gnu/packages/audio.scm | 16 | ||||
-rw-r--r-- | gnu/packages/patches/soundtouch-CVE-2018-1000223.patch | 143 | ||||
-rw-r--r-- | gnu/packages/patches/soundtouch-CVE-2018-14044-14045.patch | 138 |
4 files changed, 7 insertions, 292 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 18427de8c7..f79bfd8b93 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1270,8 +1270,6 @@ dist_patch_DATA = \ %D%/packages/patches/snappy-add-O2-flag-in-CmakeLists.txt.patch \ %D%/packages/patches/sooperlooper-build-with-wx-30.patch \ %D%/packages/patches/soundconverter-remove-gconf-dependency.patch \ - %D%/packages/patches/soundtouch-CVE-2018-14044-14045.patch \ - %D%/packages/patches/soundtouch-CVE-2018-1000223.patch \ %D%/packages/patches/sssd-curl-compat.patch \ %D%/packages/patches/steghide-fixes.patch \ %D%/packages/patches/streamlink-update-test.patch \ diff --git a/gnu/packages/audio.scm b/gnu/packages/audio.scm index 7a79f4dcab..49fcc511e6 100644 --- a/gnu/packages/audio.scm +++ b/gnu/packages/audio.scm @@ -2691,18 +2691,16 @@ Tracker 3 S3M and Impulse Tracker IT files.") (define-public soundtouch (package (name "soundtouch") - (version "2.0.0") + (version "2.1.1") (source (origin - (method url-fetch) - (uri - (string-append - "http://www.surina.net/soundtouch/soundtouch-" version ".tar.gz")) - (patches (search-patches "soundtouch-CVE-2018-14044-14045.patch" - "soundtouch-CVE-2018-1000223.patch")) + (method git-fetch) + (uri (git-reference + (url "https://gitlab.com/soundtouch/soundtouch.git") + (commit version))) + (file-name (git-file-name name version)) (sha256 - (base32 - "09cxr02mfyj2bg731bj0i9hh565x8l9p91aclxs8wpqv8b8zf96j")))) + (base32 "0p6jzgfgqw061702dmd2b6r4arz48ac3mmx2qkvvzf8s5jjzykdh")))) (build-system gnu-build-system) (native-inputs `(("autoconf" ,autoconf) diff --git a/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch b/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch deleted file mode 100644 index 961a183565..0000000000 --- a/gnu/packages/patches/soundtouch-CVE-2018-1000223.patch +++ /dev/null @@ -1,143 +0,0 @@ -Fix CVE-2018-1000223: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000223 -https://gitlab.com/soundtouch/soundtouch/issues/6 - -Patches copied from upstream source repository: - -https://gitlab.com/soundtouch/soundtouch/commit/9e02d9b04fda6c1f44336ff00bb5af1e2ffc039e -https://gitlab.com/soundtouch/soundtouch/commit/e0240689056e4182fffdc2a16aa6e3425a15e275 -https://gitlab.com/soundtouch/soundtouch/commit/46531e5b92dd80dd9a7947463d6224fc7cb21967 - -From 9e02d9b04fda6c1f44336ff00bb5af1e2ffc039e Mon Sep 17 00:00:00 2001 -From: oparviainen <oparviai@iki.fi> -Date: Sun, 12 Aug 2018 20:24:37 +0300 -Subject: [PATCH] Added minimum size check for WAV header block lengh values - ---- - source/SoundStretch/WavFile.cpp | 10 +++++++++- - 1 file changed, 9 insertions(+), 1 deletion(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 7e7ade2..68818c9 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -530,7 +530,11 @@ int WavInFile::readHeaderBlock() - // read length of the format field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int format_len; -+ _swap32(nLen); -+ -+ // verify that header length isn't smaller than expected -+ if (nLen < sizeof(header.format) - 8) return -1; -+ - header.format.format_len = nLen; - - // calculate how much length differs from expected -@@ -572,6 +576,10 @@ int WavInFile::readHeaderBlock() - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary - _swap32(nLen); // int fact_len; -+ -+ // verify that fact length isn't smaller than expected -+ if (nLen < sizeof(header.fact) - 8) return -1; -+ - header.fact.fact_len = nLen; - - // calculate how much length differs from expected --- -2.18.0 - -From e0240689056e4182fffdc2a16aa6e3425a15e275 Mon Sep 17 00:00:00 2001 -From: oparviainen <oparviai@iki.fi> -Date: Mon, 13 Aug 2018 19:16:16 +0300 -Subject: [PATCH] Fixed WavFile header/fact not-too-small check - ---- - source/SoundStretch/WavFile.cpp | 22 +++++++++++----------- - 1 file changed, 11 insertions(+), 11 deletions(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 4af7a4c..3421bca 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -518,13 +518,13 @@ int WavInFile::readHeaderBlock() - // swap byte order if necessary - _swap32(nLen); - -- // verify that header length isn't smaller than expected -- if (nLen < sizeof(header.format) - 8) return -1; -+ // calculate how much length differs from expected -+ nDump = nLen - ((int)sizeof(header.format) - 8); - -- header.format.format_len = nLen; -+ // verify that header length isn't smaller than expected structure -+ if (nDump < 0) return -1; - -- // calculate how much length differs from expected -- nDump = nLen - ((int)sizeof(header.format) - 8); -+ header.format.format_len = nLen; - - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) -@@ -561,16 +561,16 @@ int WavInFile::readHeaderBlock() - // read length of the fact field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int fact_len; -- -- // verify that fact length isn't smaller than expected -- if (nLen < sizeof(header.fact) - 8) return -1; -- -- header.fact.fact_len = nLen; -+ _swap32(nLen); - - // calculate how much length differs from expected - nDump = nLen - ((int)sizeof(header.fact) - 8); - -+ // verify that fact length isn't smaller than expected structure -+ if (nDump < 0) return -1; -+ -+ header.fact.fact_len = nLen; -+ - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) - { --- -2.18.0 - -From 46531e5b92dd80dd9a7947463d6224fc7cb21967 Mon Sep 17 00:00:00 2001 -From: olli <oparviai@iki.fi> -Date: Mon, 13 Aug 2018 19:42:58 +0300 -Subject: [PATCH] Improved WavFile header/fact not-too-small check - ---- - source/SoundStretch/WavFile.cpp | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/source/SoundStretch/WavFile.cpp b/source/SoundStretch/WavFile.cpp -index 3421bca..9d90b8a 100644 ---- a/source/SoundStretch/WavFile.cpp -+++ b/source/SoundStretch/WavFile.cpp -@@ -522,7 +522,7 @@ int WavInFile::readHeaderBlock() - nDump = nLen - ((int)sizeof(header.format) - 8); - - // verify that header length isn't smaller than expected structure -- if (nDump < 0) return -1; -+ if ((nLen < 0) || (nDump < 0)) return -1; - - header.format.format_len = nLen; - -@@ -567,7 +567,7 @@ int WavInFile::readHeaderBlock() - nDump = nLen - ((int)sizeof(header.fact) - 8); - - // verify that fact length isn't smaller than expected structure -- if (nDump < 0) return -1; -+ if ((nLen < 0) || (nDump < 0)) return -1; - - header.fact.fact_len = nLen; - --- -2.18.0 - diff --git a/gnu/packages/patches/soundtouch-CVE-2018-14044-14045.patch b/gnu/packages/patches/soundtouch-CVE-2018-14044-14045.patch deleted file mode 100644 index cc0282fc7b..0000000000 --- a/gnu/packages/patches/soundtouch-CVE-2018-14044-14045.patch +++ /dev/null @@ -1,138 +0,0 @@ -Fix CVE-2018-14044 and CVE-2018-14045: - -https://gitlab.com/soundtouch/soundtouch/issues/7 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14044 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14045 - -Patch copied from upstream source repository: - -https://gitlab.com/soundtouch/soundtouch/commit/107f2c5d201a4dfea1b7f15c5957ff2ac9e5f260 - -From 107f2c5d201a4dfea1b7f15c5957ff2ac9e5f260 Mon Sep 17 00:00:00 2001 -From: oparviainen <oparviai@iki.fi> -Date: Sun, 12 Aug 2018 20:00:56 +0300 -Subject: [PATCH] Replaced illegal-number-of-channel assertions with run-time - exception - ---- - include/FIFOSamplePipe.h | 12 ++++++++++++ - include/STTypes.h | 3 +++ - source/SoundTouch/FIFOSampleBuffer.cpp | 3 ++- - source/SoundTouch/RateTransposer.cpp | 5 ++--- - source/SoundTouch/SoundTouch.cpp | 8 ++------ - source/SoundTouch/TDStretch.cpp | 5 ++--- - 6 files changed, 23 insertions(+), 13 deletions(-) - -diff --git a/include/FIFOSamplePipe.h b/include/FIFOSamplePipe.h -index 4ec9275..b08f836 100644 ---- a/include/FIFOSamplePipe.h -+++ b/include/FIFOSamplePipe.h -@@ -51,6 +51,18 @@ namespace soundtouch - /// Abstract base class for FIFO (first-in-first-out) sample processing classes. - class FIFOSamplePipe - { -+protected: -+ -+ bool verifyNumberOfChannels(int nChannels) const -+ { -+ if ((nChannels > 0) && (nChannels <= SOUNDTOUCH_MAX_CHANNELS)) -+ { -+ return true; -+ } -+ ST_THROW_RT_ERROR("Error: Illegal number of channels"); -+ return false; -+ } -+ - public: - // virtual default destructor - virtual ~FIFOSamplePipe() {} -diff --git a/include/STTypes.h b/include/STTypes.h -index 03e7e07..862505e 100644 ---- a/include/STTypes.h -+++ b/include/STTypes.h -@@ -56,6 +56,9 @@ typedef unsigned long ulong; - - namespace soundtouch - { -+ /// Max allowed number of channels -+ #define SOUNDTOUCH_MAX_CHANNELS 16 -+ - /// Activate these undef's to overrule the possible sampletype - /// setting inherited from some other header file: - //#undef SOUNDTOUCH_INTEGER_SAMPLES -diff --git a/source/SoundTouch/FIFOSampleBuffer.cpp b/source/SoundTouch/FIFOSampleBuffer.cpp -index f0d5e42..706e869 100644 ---- a/source/SoundTouch/FIFOSampleBuffer.cpp -+++ b/source/SoundTouch/FIFOSampleBuffer.cpp -@@ -73,7 +73,8 @@ void FIFOSampleBuffer::setChannels(int numChannels) - { - uint usedBytes; - -- assert(numChannels > 0); -+ if (!verifyNumberOfChannels(numChannels)) return; -+ - usedBytes = channels * samplesInBuffer; - channels = (uint)numChannels; - samplesInBuffer = usedBytes / channels; -diff --git a/source/SoundTouch/RateTransposer.cpp b/source/SoundTouch/RateTransposer.cpp -index 8b66be3..d115a4c 100644 ---- a/source/SoundTouch/RateTransposer.cpp -+++ b/source/SoundTouch/RateTransposer.cpp -@@ -179,11 +179,10 @@ void RateTransposer::processSamples(const SAMPLETYPE *src, uint nSamples) - // Sets the number of channels, 1 = mono, 2 = stereo - void RateTransposer::setChannels(int nChannels) - { -- assert(nChannels > 0); -+ if (!verifyNumberOfChannels(nChannels) || -+ (pTransposer->numChannels == nChannels)) return; - -- if (pTransposer->numChannels == nChannels) return; - pTransposer->setChannels(nChannels); -- - inputBuffer.setChannels(nChannels); - midBuffer.setChannels(nChannels); - outputBuffer.setChannels(nChannels); -diff --git a/source/SoundTouch/SoundTouch.cpp b/source/SoundTouch/SoundTouch.cpp -index 7b6756b..06bdd56 100644 ---- a/source/SoundTouch/SoundTouch.cpp -+++ b/source/SoundTouch/SoundTouch.cpp -@@ -139,18 +139,14 @@ uint SoundTouch::getVersionId() - // Sets the number of channels, 1 = mono, 2 = stereo - void SoundTouch::setChannels(uint numChannels) - { -- /*if (numChannels != 1 && numChannels != 2) -- { -- //ST_THROW_RT_ERROR("Illegal number of channels"); -- return; -- }*/ -+ if (!verifyNumberOfChannels(numChannels)) return; -+ - channels = numChannels; - pRateTransposer->setChannels((int)numChannels); - pTDStretch->setChannels((int)numChannels); - } - - -- - // Sets new rate control value. Normal rate = 1.0, smaller values - // represent slower rate, larger faster rates. - void SoundTouch::setRate(double newRate) -diff --git a/source/SoundTouch/TDStretch.cpp b/source/SoundTouch/TDStretch.cpp -index 149cdb9..be2dc88 100644 ---- a/source/SoundTouch/TDStretch.cpp -+++ b/source/SoundTouch/TDStretch.cpp -@@ -588,9 +588,8 @@ void TDStretch::setTempo(double newTempo) - // Sets the number of channels, 1 = mono, 2 = stereo - void TDStretch::setChannels(int numChannels) - { -- assert(numChannels > 0); -- if (channels == numChannels) return; --// assert(numChannels == 1 || numChannels == 2); -+ if (!verifyNumberOfChannels(numChannels) || -+ (channels == numChannels)) return; - - channels = numChannels; - inputBuffer.setChannels(channels); --- -2.18.0 - |