Projects
openEuler:24.03:SP1:Everything:64G
libsndfile
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 2
View file
_service:tar_scm:libsndfile.spec
Changed
@@ -1,11 +1,12 @@ Name: libsndfile Version: 1.2.2 -Release: 1 +Release: 2 Summary: Library for reading and writing sound files License: LGPL-2.1-or-later AND GPL-2.0-or-later AND BSD-3-Clause URL: http://libsndfile.github.io/libsndfile Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/%{name}-%{version}.tar.xz Patch0: libsndfile-1.0.25-system-gsm.patch +Patch1: backport-CVE-2022-33065.patch BuildRequires: alsa-lib-devel gcc gcc-c++ flac-devel BuildRequires: libogg-devel libtool libvorbis-devel pkgconfig @@ -46,6 +47,7 @@ %setup -q %patch -P0 -p1 -b .system-gsm rm -r src/GSM610 +%patch -P1 -p1 %build autoreconf -I M4 -fiv # for system-gsm patch @@ -127,6 +129,9 @@ %{_mandir}/man1/sndfile-salvage.1* %changelog +* Fri Sep 13 2024 zhangnaichuan <zhangnaichuan@huawei.com> - 1.2.2-2 +- fix CVE-2203-33065 + * Tue Oct 31 2023 haomimi <haomimi@uniontech.com> - 1.2.2-1 - pdate to 1.2.2
View file
_service:tar_scm:backport-CVE-2022-33065.patch
Added
@@ -0,0 +1,42 @@ +From da1fcb0199f6a5c883fd158a20896a0e9c085e02 Mon Sep 17 00:00:00 2001 +From: Alex Stewart <alex.stewart@ni.com> +Date: Wed, 22 Nov 2023 17:15:12 +0800 +Subject: PATCH mat4/mat5: fix int overflow in dataend calculation +The clang sanitizer warns of a possible signed integer overflow when +calculating the `dataend` value in `mat4_read_header()`. + +``` +src/mat4.c:323:41: runtime error: signed integer overflow: 205 * -100663296 cannot be represented in type 'int' +SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:41 in +src/mat4.c:323:48: runtime error: signed integer overflow: 838860800 * 4 cannot be represented in type 'int' +SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:48 in +``` + +Cast the offending `rows` and `cols` ints to `sf_count_t` (the type of +`dataend` before performing the calculation, to avoid the issue. + +CVE: CVE-2022-33065 +Fixes: https://github.com/libsndfile/libsndfile/issues/789 +Fixes: https://github.com/libsndfile/libsndfile/issues/833 + +Signed-off-by: Alex Stewart <alex.stewart@ni.com> +--- + src/mat4.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/mat4.c b/src/mat4.c +index 3c73680..e2f98b7 100644 +--- a/src/mat4.c ++++ b/src/mat4.c +@@ -320,7 +320,7 @@ mat4_read_header (SF_PRIVATE *psf) + psf->filelength - psf->dataoffset, psf->sf.channels * psf->sf.frames * psf->bytewidth) ; + } + else if ((psf->filelength - psf->dataoffset) > psf->sf.channels * psf->sf.frames * psf->bytewidth) +- psf->dataend = psf->dataoffset + rows * cols * psf->bytewidth ; ++ psf->dataend = psf->dataoffset + (sf_count_t) rows * (sf_count_t) cols * psf->bytewidth ; + + psf->datalength = psf->filelength - psf->dataoffset - psf->dataend ; + +-- +2.27.0 +
View file
_service
Changed
@@ -2,7 +2,7 @@ <service name="tar_scm"> <param name="scm">git</param> <param name="url">git@gitee.com:src-openeuler/libsndfile.git</param> - <param name="revision">openEuler-24.03-LTS-Next</param> + <param name="revision">openEuler-24.03-LTS-SP1</param> <param name="exclude">*</param> <param name="extract">*</param> </service>
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2