- SECURITY FIX for libsndfile to prevent a DoS as reported in

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831

patch from upstream author in that bugreport.

ok naddy@ (MAINTAINER)
jasper 2009-05-31 17:31:13 +00:00
parent ac544d8f1b
commit 5d64f32984
7 changed files with 143 additions and 2 deletions


@ -1,9 +1,9 @@
# $OpenBSD: Makefile,v 1.16 2009/05/18 21:37:09 kili Exp $
# $OpenBSD: Makefile,v 1.17 2009/05/31 17:31:13 jasper Exp $
COMMENT= library to handle various audio file formats
DISTNAME= libsndfile-1.0.20
PKGNAME= ${DISTNAME}p0
PKGNAME= ${DISTNAME}p1
CATEGORIES= audio
HOMEPAGE= http://www.mega-nerd.com/libsndfile/
SHARED_LIBS += sndfile 3.1 # .1.20


@ -0,0 +1,15 @@
$OpenBSD: patch-src_alaw_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/alaw.c.orig Sun Mar 22 13:17:13 2009
+++ src/alaw.c Sun May 31 10:21:16 2009
@@ -69,7 +69,7 @@ alaw_init (SF_PRIVATE *psf)
else
psf->datalength = 0 ;
- psf->sf.frames = psf->datalength / psf->blockwidth ;
+ psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ;
return 0 ;
} /* alaw_init */
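Review bot: A `psf->blockwidth` of zero or less is tolerated rather than rejected: the patched line sets `psf->sf.frames` to 0 and `alaw_init` still returns 0, so a malformed file is reported as a valid empty one. If other code paths divide by `psf->blockwidth` (none are visible from this hunk), they remain exposed to the same crash; consider returning an error before this line when the width is not positive. At minimum add a comment such as `/* blockwidth may be 0 for a malformed header; avoid dividing by it */`. The same pattern appears in the float32.c, pcm.c and ulaw.c patches. The body of alaw_init begins outside the hunk.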


@ -0,0 +1,15 @@
$OpenBSD: patch-src_float32_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/float32.c.orig Tue Mar 24 20:59:47 2009
+++ src/float32.c Sun May 31 10:21:16 2009
@@ -241,7 +241,7 @@ float32_init (SF_PRIVATE *psf)
else
psf->datalength = 0 ;
- psf->sf.frames = psf->datalength / psf->blockwidth ;
+ psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ;
return 0 ;
} /* float32_init */


@ -0,0 +1,27 @@
$OpenBSD: patch-src_htk_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/htk.c.orig Sun Mar 22 13:17:14 2009
+++ src/htk.c Sun May 31 10:21:16 2009
@@ -195,10 +195,17 @@ htk_read_header (SF_PRIVATE *psf)
return SFE_HTK_NOT_WAVEFORM ;
psf->sf.channels = 1 ;
- psf->sf.samplerate = 10000000 / sample_period ;
- psf_log_printf (psf, "HTK Waveform file\n Sample Count : %d\n Sample Period : %d => %d Hz\n",
- sample_count, sample_period, psf->sf.samplerate) ;
+ if (sample_period > 0)
+ { psf->sf.samplerate = 10000000 / sample_period ;
+ psf_log_printf (psf, "HTK Waveform file\n Sample Count : %d\n Sample Period : %d => %d Hz\n",
+ sample_count, sample_period, psf->sf.samplerate) ;
+ }
+ else
+ { psf->sf.samplerate = 16000 ;
+ psf_log_printf (psf, "HTK Waveform file\n Sample Count : %d\n Sample Period : %d (should be > 0) => Guessed sample rate %d Hz\n",
+ sample_count, sample_period, psf->sf.samplerate) ;
+ } ;
psf->sf.format = SF_FORMAT_HTK | SF_FORMAT_PCM_16 ;
psf->bytewidth = 2 ;
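Review bot: The `sample_period > 0` guard removes the division by zero, but any `sample_period` above 10000000 still makes `10000000 / sample_period` evaluate to 0, leaving `psf->sf.samplerate` at zero. If later code divides by the sample rate (not visible from this hunk), the same class of crash stays reachable from a malformed header. Consider sending such values down the fallback branch as well, e.g. `if (sample_period > 0 && sample_period <= 10000000)`, and add a one-line comment saying that 16000 is an arbitrary guess. htk_read_header starts and ends outside the hunk.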


@ -0,0 +1,15 @@
$OpenBSD: patch-src_pcm_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/pcm.c.orig Sun Mar 22 13:17:14 2009
+++ src/pcm.c Sun May 31 10:21:16 2009
@@ -271,7 +271,7 @@ pcm_init (SF_PRIVATE *psf)
else
psf->datalength = 0 ;
- psf->sf.frames = psf->datalength / psf->blockwidth ;
+ psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ;
return 0 ;
} /* pcm_init */


@ -0,0 +1,54 @@
$OpenBSD: patch-src_sds_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/sds.c.orig Sun Mar 22 13:17:14 2009
+++ src/sds.c Sun May 31 10:21:16 2009
@@ -219,21 +219,40 @@ sds_read_header (SF_PRIVATE *psf, SDS_PRIVATE *psds)
if (marker != 0xF07E || byte != 0x01)
return SFE_SDS_NOT_SDS ;
- psf_log_printf (psf, "Midi Sample Dump Standard (.sds)\nF07E\n Midi Channel : %d\n", channel) ;
+ bytesread += psf_binheader_readf (psf, "e2", &sample_no) ;
+ sample_no = SDS_3BYTE_TO_INT_DECODE (sample_no) ;
- bytesread += psf_binheader_readf (psf, "e213", &sample_no, &bitwidth, &samp_period) ;
+ psf_log_printf (psf, "Midi Sample Dump Standard (.sds)\nF07E\n"
+ " Midi Channel : %d\n Sample Number : %d\n",
+ channel, sample_no) ;
- sample_no = SDS_3BYTE_TO_INT_DECODE (sample_no) ;
+ bytesread += psf_binheader_readf (psf, "e13", &bitwidth, &samp_period) ;
+
samp_period = SDS_3BYTE_TO_INT_DECODE (samp_period) ;
psds->bitwidth = bitwidth ;
- psf->sf.samplerate = 1000000000 / samp_period ;
+ if (psds->bitwidth > 1)
+ psf_log_printf (psf, " Bit Width : %d\n", psds->bitwidth) ;
+ else
+ { psf_log_printf (psf, " Bit Width : %d (should be > 1)\n", psds->bitwidth) ;
+ return SFE_SDS_BAD_BIT_WIDTH ;
+ } ;
- psf_log_printf (psf, " Sample Number : %d\n"
- " Bit Width : %d\n"
+ if (samp_period > 0)
+ { psf->sf.samplerate = 1000000000 / samp_period ;
+
+ psf_log_printf (psf, " Sample Period : %d\n"
" Sample Rate : %d\n",
- sample_no, psds->bitwidth, psf->sf.samplerate) ;
+ samp_period, psf->sf.samplerate) ;
+ }
+ else
+ { psf->sf.samplerate = 16000 ;
+
+ psf_log_printf (psf, " Sample Period : %d (should be > 0)\n"
+ " Sample Rate : %d (guessed)\n",
+ samp_period, psf->sf.samplerate) ;
+ } ;
bytesread += psf_binheader_readf (psf, "e3331", &data_length, &sustain_loop_start, &sustain_loop_end, &loop_type) ;
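Review bot: The new bit-width test enforces only a lower bound (`psds->bitwidth > 1`), and the header value is stored in `psds->bitwidth` before it is checked. If the rest of the reader sizes samples or shifts by this field (not visible from this hunk), an oversized value would still pass; consider bounding it on both sides in the same test and returning `SFE_SDS_BAD_BIT_WIDTH` otherwise. The fallback `psf->sf.samplerate = 16000` also deserves a short comment such as `/* sample period of 0 is invalid; fall back to an arbitrary rate */`. sds_read_header starts and ends outside the hunk.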


@ -0,0 +1,15 @@
$OpenBSD: patch-src_ulaw_c,v 1.1 2009/05/31 17:31:13 jasper Exp $
Security fix for SA35266.
--- src/ulaw.c.orig Sun Mar 22 13:17:14 2009
+++ src/ulaw.c Sun May 31 10:21:16 2009
@@ -59,7 +59,7 @@ ulaw_init (SF_PRIVATE *psf)
else
psf->datalength = 0 ;
- psf->sf.frames = psf->datalength / psf->blockwidth ;
+ psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ;
return 0 ;
} /* ulaw_init */