summaryrefslogtreecommitdiffstats
path: root/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch
diff options
context:
space:
mode:
Diffstat (limited to 'poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch')
-rw-r--r--poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch34
1 files changed, 34 insertions, 0 deletions
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch
new file mode 100644
index 000000000..89552ac2d
--- /dev/null
+++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch
@@ -0,0 +1,34 @@
+From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Tue, 23 May 2017 20:15:24 +1000
+Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
+
+Secunia Advisory SA76717.
+
+Found by: Laurent Delosieres, Secunia Research at Flexera Software
+
+CVE: CVE-2017-6892
+Upstream-Status: Backport
+
+Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
+
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/aiff.c b/src/aiff.c
+index 5b5f9f5..45864b7 100644
+--- a/src/aiff.c
++++ b/src/aiff.c
+@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
+ psf_binheader_readf (psf, "j", dword - bytesread) ;
+
+ if (map_info->channel_map != NULL)
+- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
++ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
+
+ free (psf->channel_map) ;
+
+--
+1.9.1
+
OpenPOWER on IntegriCloud