| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Fixes mpd:
http://autobuild.buildroot.net/results/799/7997ccd698f03885f98d00bd150dc3a578e4b161/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
| |
Fixes CVE-2015-7747
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka
audiofile) 0.3.6 allows remote attackers to cause a denial of service
(crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
https://github.com/mpruett/audiofile/issues/41
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in
Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a
denial of service (crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp
https://github.com/mpruett/audiofile/issues/35
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-6836 / CVE-2017-6838
CVE-2017-6830: A heap-based buffer overflow in the alaw2linear_buf function
in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote
attackers to cause a denial of service (crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp
https://github.com/mpruett/audiofile/issues/34
CVE-2017-6834: A heap-based buffer overflow in the ulaw2linear_buf function
in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote
attackers to cause a denial of service (crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp
https://github.com/mpruett/audiofile/issues/38
CVE-2017-6836: A heap-based buffer overflow in the Expand3To4Module::run
function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka
audiofile) 0.3.6 allows remote attackers to cause a denial of service
(crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h
https://github.com/mpruett/audiofile/issues/40
CVE-2017-6838: Integer overflow in sfcommands/sfconvert.c in Audio File
Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of
service (crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
https://github.com/mpruett/audiofile/issues/41
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile)
0.3.6 allows remote attackers to cause a denial of service (crash) via a
crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp
https://github.com/mpruett/audiofile/issues/33
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
CVE-2017-6827: A heap-based buffer overflow in the
MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka
libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have
unspecified impact via a crafted audio file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcminitializecoefficients-msadpcm-cpp
https://github.com/mpruett/audiofile/issues/32
CVE-2017-6828: A Heap-based buffer overflow in the readValue function in
FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6
allows remote attackers to have unspecified impact via a crafted WAV file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-readvalue-filehandle-cpp
https://github.com/mpruett/audiofile/issues/31
CVE-2017-6832: A Heap-based buffer overflow in the decodeBlock in
MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote
attackers to cause a denial of service (crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp
https://github.com/mpruett/audiofile/issues/36
CVE-2017-6833: The runPull function in libaudiofile/modules/BlockCodec.cpp
in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause
a denial of service (divide-by-zero error and crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp
https://github.com/mpruett/audiofile/issues/37
CVE-2017-6835: The reset1 function in libaudiofile/modules/BlockCodec.cpp in
Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a
denial of service (divide-by-zero error and crash) via a crafted file.
https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp
https://github.com/mpruett/audiofile/issues/39
CVE-2017-6837: WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows
remote attackers to cause a denial of service (crash) via vectors related to
a large number of coefficients.
http://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
https://github.com/mpruett/audiofile/issues/41
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes
make[3]: Entering directory '/home/buildroot/br7_freeswitch/output/build/audiofile-0.3.6/libaudiofile/modules'
/bin/bash ../../libtool --tag=CXX --mode=compile /home/buildroot/br7_freeswitch/output/host/usr/bin/i586-buildroot-linux-uclibc-g++ -DHAVE_CONFIG_H -I. -I../.. -I./.. -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DNDEBUG -Wall -Wno-multichar -fvisibility=hidden -fno-rtti -fno-exceptions -fvisibility-inlines-hidden -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -c -o ALAC.lo ALAC.cpp
libtool: compile: /home/buildroot/br7_freeswitch/output/host/usr/bin/i586-buildroot-linux-uclibc-g++ -DHAVE_CONFIG_H -I. -I../.. -I./.. -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DNDEBUG -Wall -Wno-multichar -fvisibility=hidden -fno-rtti -fno-exceptions -fvisibility-inlines-hidden -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -c ALAC.cpp -fPIC -DPIC -o .libs/ALAC.o
In file included from ALAC.cpp:29:0:
SimpleModule.h: In instantiation of 'const int signConverter<(FormatCode)0>::kMinSignedValue':
SimpleModule.h:130:52: required from 'signConverter<Format>::UnsignedType signConverter<Format>::signedToUnsigned::operator()(signConverter<Format>::SignedType) [with FormatCode Format = (FormatCode)0; signConverter<Format>::UnsignedType = unsigned char; signConverter<Format>::SignedType = signed char]'
/home/buildroot/br7_freeswitch/output/host/usr/i586-buildroot-linux-uclibc/include/c++/6.1.0/bits/stl_algo.h:4184:24: required from '_OIter std::transform(_IIter, _IIter, _OIter, _UnaryOperation) [with _IIter = const signed char*; _OIter = unsigned char*; _UnaryOperation = signConverter<(FormatCode)0>::signedToUnsigned]'
SimpleModule.h:104:16: required from 'void transform(const void*, void*, size_t) [with UnaryFunction = signConverter<(FormatCode)0>::signedToUnsigned; size_t = unsigned int]'
SimpleModule.h:176:62: required from 'static void ConvertSign::convertSignedToUnsigned(const void*, void*, size_t) [with FormatCode Format = (FormatCode)0; size_t = unsigned int]'
SimpleModule.h:183:51: required from here
SimpleModule.h:126:40: error: left operand of shift expression '(-1 << 7)' is negative [-fpermissive]
static const int kMinSignedValue = -1 << kScaleBits;
~~~^~~~~~~~~~~~~
To reproduce the build error use this defconfig:
BR2_GCC_VERSION_6_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_AUDIOFILE=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Static linking userspace programs such as MPD against libaudiofile fails if
FLAC is available, because libaudiofile is linked against FLAC, but this isn't
expressed in the pkg-config file:
[..]
arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libaudiofile.a(FLAC.o): In function `FLACDecoder::reset2()':
FLAC.cpp:(.text+0x58): undefined reference to `FLAC__stream_decoder_seek_absolute'
/home/buildroot/build/instance-1/output/host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libaudiofile.a(FLAC.o): In function `FLACEncoder::sync2()':
FLAC.cpp:(.text+0x88): undefined reference to `FLAC__stream_encoder_finish'
/home/buildroot/build/instance-1/output/host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libaudiofile.a(FLAC.o): In function `FLACDecoder::~FLACDecoder()':
FLAC.cpp:(.text+0xc4): undefined reference to `FLAC__stream_decoder_delete'
/home/buildroot/build/instance-1/output/host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libaudiofile.a(FLAC.o): In function `FLACEncoder::~FLACEncoder()':
FLAC.cpp:(.text+0x164): undefined reference to `FLAC__stream_encoder_delete'
/home/buildroot/build/instance-1/output/host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libaudiofile.a(FLAC.o): In function `FLACDecoder::runPull()':
[..]
The Libs.private field is specifically designed for such usage:
>From pkg-config documentation:
Libs.private:
This line should list any private libraries in use. Private
libraries are libraries which are not exposed through your
library, but are needed in the case of static linking.
Therefore, this patch adds a reference to FLAC as well as to lcov in the
Libs.private field of the pkg-config file.
Patch status: Pending
https://github.com/mpruett/audiofile/pull/26
Fixes:
http://autobuild.buildroot.net/results/e95/e959e703a8db81032da27bece295c121e53d830d/
http://autobuild.buildroot.net/results/10b/10bd00209f098e8782016355cb2f46d1d3e7d3a3/
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
These flags are already defined in pkg-autotools.mk.
There is no need to have them twice.
[Thomas: restore += instead of = in the opus package, as suggested by
Yann E. Morin.]
Signed-off-by: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
| |
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
|
|
|
| |
Audiofile's shipped configure script is outdated so regenerate to fix
issues like:
http://autobuild.buildroot.net/results/659fd28b0a3fa15ecd1b32e8a08dd441465459c1/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
|
| |
Now with FLAC support.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
| |
Somehow this didn't get committed in 1eb9845ad6 (add license information)
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
| |
[Peter: License is GPLv2+ LGPLv2+]
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also remove the redundant $(call ...).
This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
-e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
-e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
|
Move audio libraries out of the Audio and Video category into the
Libraries/Audio one.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
