summary refs log tree commit diff
path: root/gnu/packages/patches/audiofile-CVE-2018-13440.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/audiofile-CVE-2018-13440.patch')
-rw-r--r--gnu/packages/patches/audiofile-CVE-2018-13440.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/gnu/packages/patches/audiofile-CVE-2018-13440.patch b/gnu/packages/patches/audiofile-CVE-2018-13440.patch
new file mode 100644
index 0000000000..ffd65b43b0
--- /dev/null
+++ b/gnu/packages/patches/audiofile-CVE-2018-13440.patch
@@ -0,0 +1,28 @@
+From fde6d79fb8363c4a329a184ef0b107156602b225 Mon Sep 17 00:00:00 2001
+From: Wim Taymans <wtaymans@redhat.com>
+Date: Thu, 27 Sep 2018 10:48:45 +0200
+Subject: [PATCH] ModuleState: handle compress/decompress init failure
+
+When the unit initcompress or initdecompress function fails,
+m_fileModule is NULL. Return AF_FAIL in that case instead of
+causing NULL pointer dereferences later.
+
+Fixes #49
+---
+ libaudiofile/modules/ModuleState.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libaudiofile/modules/ModuleState.cpp b/libaudiofile/modules/ModuleState.cpp
+index 0c29d7a..070fd9b 100644
+--- a/libaudiofile/modules/ModuleState.cpp
++++ b/libaudiofile/modules/ModuleState.cpp
+@@ -75,6 +75,9 @@ status ModuleState::initFileModule(AFfilehandle file, Track *track)
+ 		m_fileModule = unit->initcompress(track, file->m_fh, file->m_seekok,
+ 			file->m_fileFormat == AF_FILE_RAWDATA, &chunkFrames);
+ 
++	if (!m_fileModule)
++		return AF_FAIL;
++
+ 	if (unit->needsRebuffer)
+ 	{
+ 		assert(unit->nativeSampleFormat == AF_SAMPFMT_TWOSCOMP);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-19 22:36:01 +0000