aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2015-01-30 11:07:10 +0200
committerTimo Teräs <timo.teras@iki.fi>2015-01-30 11:07:10 +0200
commit6285fa299ce16c6502150c257935bfdbc3aaf5d9 (patch)
treedf77ae6cbf7891754d47d12680107951036b7cec
parentb5baa711a9758d453cb33a6e23de7163e5b40c66 (diff)
downloadaports-6285fa299ce16c6502150c257935bfdbc3aaf5d9.tar.bz2
aports-6285fa299ce16c6502150c257935bfdbc3aaf5d9.tar.xz
main/sox: security fix for CVE-2014-8145
ref #3822
-rw-r--r--main/sox/0001-Check-for-minimum-size-sphere-headers.patch28
-rw-r--r--main/sox/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch28
-rw-r--r--main/sox/APKBUILD10
3 files changed, 65 insertions, 1 deletions
diff --git a/main/sox/0001-Check-for-minimum-size-sphere-headers.patch b/main/sox/0001-Check-for-minimum-size-sphere-headers.patch
new file mode 100644
index 0000000000..f01fec390d
--- /dev/null
+++ b/main/sox/0001-Check-for-minimum-size-sphere-headers.patch
@@ -0,0 +1,28 @@
+From 55e33019afcb3256cccedf606548b86816f6da59 Mon Sep 17 00:00:00 2001
+From: Chris Bagwell <chris@cnpbagwell.com>
+Date: Sat, 13 Dec 2014 12:48:37 -0600
+Subject: [PATCH 1/2] Check for minimum size sphere headers
+
+---
+ src/sphere.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/sphere.c b/src/sphere.c
+index 479a552..a3fd1c6 100644
+--- a/src/sphere.c
++++ b/src/sphere.c
+@@ -47,6 +47,11 @@ static int start_read(sox_format_t * ft)
+
+ /* Determine header size, and allocate a buffer large enough to hold it. */
+ sscanf(fldsval, "%lu", &header_size_ul);
++ if (header_size_ul < 16) {
++ lsx_fail_errno(ft, SOX_EHDR, "Error reading Sphere header");
++ return (SOX_EOF);
++ }
++
+ buf = lsx_malloc(header_size = header_size_ul);
+
+ /* Skip what we have read so far */
+--
+2.1.0
+
diff --git a/main/sox/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch b/main/sox/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
new file mode 100644
index 0000000000..72c2d765a9
--- /dev/null
+++ b/main/sox/0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
@@ -0,0 +1,28 @@
+From ebb64cddde59ecc9cedf3741ce2337c72148cc0c Mon Sep 17 00:00:00 2001
+From: Chris Bagwell <chris@cnpbagwell.com>
+Date: Sat, 13 Dec 2014 12:49:55 -0600
+Subject: [PATCH 2/2] More checks for invalid MS ADPCM blocks.
+
+If block doesn't exacty match blockAlign then do not allow
+number of samples in invalid size block to ever be more than
+what WAV header defined as samplesPerBlock.
+---
+ src/wav.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wav.c b/src/wav.c
+index 61d5908..5202556 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -168,7 +168,7 @@ static unsigned short AdpcmReadBlock(sox_format_t * ft)
+ /* work with partial blocks. Specs say it should be null */
+ /* padded but I guess this is better than trailing quiet. */
+ samplesThisBlock = lsx_ms_adpcm_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t)0);
+- if (samplesThisBlock == 0)
++ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock)
+ {
+ lsx_warn("Premature EOF on .wav input file");
+ return 0;
+--
+2.1.0
+
diff --git a/main/sox/APKBUILD b/main/sox/APKBUILD
index ed392708fd..a50bfc64c3 100644
--- a/main/sox/APKBUILD
+++ b/main/sox/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sox
pkgver=14.4.1
-pkgrel=1
+pkgrel=2
pkgdesc="The Swiss Army knife of sound processing tools"
url="http://sox.sourceforge.net/"
arch="all"
@@ -13,6 +13,8 @@ makedepends="ffmpeg-dev libao-dev libvorbis-dev libogg-dev lame-dev
depends=
subpackages="$pkgname-dev $pkgname-doc"
source="http://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.gz
+ 0001-Check-for-minimum-size-sphere-headers.patch
+ 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
sox-uclibc.patch
"
@@ -50,8 +52,14 @@ package() {
|| return 1
}
md5sums="670307f40763490a2bc0d1f322071e7a sox-14.4.1.tar.gz
+fd71128112abc7b79d1f7f87d33b2a28 0001-Check-for-minimum-size-sphere-headers.patch
+f909976e1ac57a2cf10aaecf29d7abbf 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
b734d72321470f9aaf44464878b1d12f sox-uclibc.patch"
sha256sums="9a8c2c6fe51e608da346a157e111508a957af9e3ecf3de26781d36e9a67fa89b sox-14.4.1.tar.gz
+0c30b66aca138f90b88332fdd8e7b2235eb85803cf96b4e79f27fbc8d84bc07b 0001-Check-for-minimum-size-sphere-headers.patch
+d1de894281ed906214c1606de386ec708efac1bca49a9e8cb8397d3ec6894cc0 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
0d1447942cf64b0307baa7a16f0a91f553597be187d5c94eadc56d180615717d sox-uclibc.patch"
sha512sums="a35c0f424ffaa51d06291e69b28ae7f2248a750fa8aded911dcd7e123877ecb5142c292f943eb723142c50dbd890b58163c6ef24c9c0573377855fad1b36fb25 sox-14.4.1.tar.gz
+e0231026de666146ca09598d6113645b52c9f4ced3eaf4e437bff0c1507699463e2f4962d1fd55f97cce5077ed01f2f3abda64cf4d027ce78befa2e818378dfa 0001-Check-for-minimum-size-sphere-headers.patch
+2603c995558ff25b67321845b80de3d1f326d374fce0b297ade4a956d5286c49b690b0c30bd2afc19ac5951ff8c203c5b45db9aff59da7cba0252feefb739c12 0002-More-checks-for-invalid-MS-ADPCM-blocks.patch
08c55a0de96733e10544d450f39c2205b4057b9fc024503ec97b1906a075752ee8a4b0a1b4c5bbad2eebec17bcf8d069b22d243a63d28b77c23d545efcca6aec sox-uclibc.patch"