From 7d26d5e22f08cb04bdf487462f3addb0e371e4e8 Mon Sep 17 00:00:00 2001
From: jasper
Date: Sun, 11 May 2008 22:17:28 +0000
Subject: [PATCH] SECURITY FIX for SA29727 "Speex Header Processing Vulnerability" patch from upstream ok naddy@ (MAINTAINER)
---
 audio/vorbis-tools/Makefile | 3 ++-
 .../vorbis-tools/patches/patch-ogg123_speex_format_c | 12 ++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 audio/vorbis-tools/patches/patch-ogg123_speex_format_c
diff --git a/audio/vorbis-tools/Makefile b/audio/vorbis-tools/Makefile
index e434bb7af67..1bd5fceae1e 100644
--- a/audio/vorbis-tools/Makefile
+++ b/audio/vorbis-tools/Makefile
@@ -1,8 +1,9 @@
-# $OpenBSD: Makefile,v 1.34 2008/03/17 21:33:06 naddy Exp $
+# $OpenBSD: Makefile,v 1.35 2008/05/11 22:17:28 jasper Exp $
 COMMENT= play, encode, and manage Ogg Vorbis files
 DISTNAME= vorbis-tools-1.2.0
+PKGNAME= ${DISTNAME}p0
 CATEGORIES= audio
 HOMEPAGE= http://www.vorbis.com/
diff --git a/audio/vorbis-tools/patches/patch-ogg123_speex_format_c b/audio/vorbis-tools/patches/patch-ogg123_speex_format_c
new file mode 100644
index 00000000000..1083dbc9d09
--- /dev/null
+++ b/audio/vorbis-tools/patches/patch-ogg123_speex_format_c
@@ -0,0 +1,12 @@
+$OpenBSD: patch-ogg123_speex_format_c,v 1.1 2008/05/11 22:17:28 jasper Exp $
+--- ogg123/speex_format.c.orig Sun May 11 13:26:45 2008
++++ ogg123/speex_format.c Sun May 11 13:28:22 2008
+@@ -475,7 +475,7 @@ void *process_header(ogg_packet *op, int *frame_size,
+ cb->printf_error(callback_arg, ERROR, _("Cannot read header"));
+ return NULL;
+ }
+- if ((*header)->mode >= SPEEX_NB_MODES) {
++ if ((*header)->mode >= SPEEX_NB_MODES || (*header)->mode < 0) {
+ cb->printf_error(callback_arg, ERROR,
+ _("Mode number %d does not (any longer) exist in this version"),
+ (*header)->mode);
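Review bot: The new lower-bound test in process_header covers only `(*header)->mode`; the other fields of the same stream-supplied Speex header are not visible in this hunk, and if any of them is used as a size, count or index further down they need the same range check. That is worth confirming against the full function, which starts before and continues past the lines shown. The patch file itself carries no note of why it exists, so a line under the `$OpenBSD$` tag such as `SECURITY: reject negative Speex header mode (SA29727); from upstream, drop on next update` would tell the next maintainer when it can be removed. The existing message text "does not (any longer) exist in this version" will now also be printed for a negative mode, which is slightly misleading but harmless.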