SECURITY FIX for SA29727 "Speex Header Processing Vulnerability"

patch from upstream

ok naddy@ (MAINTAINER)
This commit is contained in:
jasper 2008-05-11 22:17:28 +00:00
parent 6c2917a593
commit 7d26d5e22f
2 changed files with 14 additions and 1 deletions

View File

@ -1,8 +1,9 @@
# $OpenBSD: Makefile,v 1.34 2008/03/17 21:33:06 naddy Exp $
# $OpenBSD: Makefile,v 1.35 2008/05/11 22:17:28 jasper Exp $
COMMENT= play, encode, and manage Ogg Vorbis files
DISTNAME= vorbis-tools-1.2.0
PKGNAME= ${DISTNAME}p0
CATEGORIES= audio
HOMEPAGE= http://www.vorbis.com/

View File

@ -0,0 +1,12 @@
$OpenBSD: patch-ogg123_speex_format_c,v 1.1 2008/05/11 22:17:28 jasper Exp $
--- ogg123/speex_format.c.orig Sun May 11 13:26:45 2008
+++ ogg123/speex_format.c Sun May 11 13:28:22 2008
@@ -475,7 +475,7 @@ void *process_header(ogg_packet *op, int *frame_size,
cb->printf_error(callback_arg, ERROR, _("Cannot read header"));
return NULL;
}
- if ((*header)->mode >= SPEEX_NB_MODES) {
+ if ((*header)->mode >= SPEEX_NB_MODES || (*header)->mode < 0) {
cb->printf_error(callback_arg, ERROR,
_("Mode number %d does not (any longer) exist in this version"),
(*header)->mode);