aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/libsndfile/APKBUILD6
-rw-r--r--main/libsndfile/fix-rf64-varargs-bug.patch30
2 files changed, 34 insertions, 2 deletions
diff --git a/main/libsndfile/APKBUILD b/main/libsndfile/APKBUILD
index cb7004e646..c2e5e77b95 100644
--- a/main/libsndfile/APKBUILD
+++ b/main/libsndfile/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libsndfile
pkgver=1.0.28
-pkgrel=4
+pkgrel=5
pkgdesc="A C library for reading and writing files containing sampled sound"
url="http://www.mega-nerd.com/libsndfile"
arch="all"
@@ -16,6 +16,7 @@ source="http://www.mega-nerd.com/$pkgname/files/$pkgname-$pkgver.tar.gz
CVE-2017-8362.patch
CVE-2017-12562.patch
CVE-2018-13139.patch
+ fix-rf64-varargs-bug.patch
"
# sporadic testsuite failures on armhf
case $CARCH in arm*) options="!check";; esac
@@ -60,4 +61,5 @@ sha512sums="890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df2
f98c40696fca3e7bca867df993de55bb4145c23428e65d1a669182eb2293046478ac727ae7f94bb77123ef0355c3c53be4f9d6a432665c90c74687d8d3afd9e3 CVE-2017-8361_CVE-2017-8363_CVE-2017-8365.patch
dfd4b5f1c7471fc416eed5c6040580a020543f145de9103751adaad6ce1c5c6a22abc1cf0ffd381aed3072644cd5ee03ba3598265aa7d202d63167da251cb595 CVE-2017-8362.patch
814139567d90fb07908014e858c341fe933e04dca69b88ad66078910888237bbeba94f85d9e1489883c424f35fca312eb98c21ae2b122d9289bb6418725cd02e CVE-2017-12562.patch
-33817e7c85180635fa239e4ea38973b18312878522639f43071188a995f0e1a35dbca6d133555fb0875292b4b609950ae38e747a6b1949f8ae840db9dc3a2805 CVE-2018-13139.patch"
+33817e7c85180635fa239e4ea38973b18312878522639f43071188a995f0e1a35dbca6d133555fb0875292b4b609950ae38e747a6b1949f8ae840db9dc3a2805 CVE-2018-13139.patch
+0b7ce6bd6c1ec825521974c36b8c6eb5edd17d3c57d5ae3de287fb34a6be7108bc9511abb497538eef36e5883b84f4137fad6fe9a1d150345111de9f068838f9 fix-rf64-varargs-bug.patch"
diff --git a/main/libsndfile/fix-rf64-varargs-bug.patch b/main/libsndfile/fix-rf64-varargs-bug.patch
new file mode 100644
index 0000000000..37c7c9c166
--- /dev/null
+++ b/main/libsndfile/fix-rf64-varargs-bug.patch
@@ -0,0 +1,30 @@
+commit 9d470ee5577d3ccedb1c28c7e0a7295ba17feaf5
+Author: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Sun Apr 16 17:54:17 2017 +1000
+
+ src/rf64.c: Fix varargs related bug
+
+ C's <stargs.h> functionality isn't type checked so that passing an
+ `sf_count_t` (64 bits) by mistake in place of a `unit32_t` can cause
+ errors. This would be fine if it was an error on every architecture
+ and platform, but its not. This particular problem only manifested
+ on armhf and some other Arm architectures. It was not an issue on
+ 32 bit x86.
+
+ I have now fixed variants of this same bug several times.
+
+ Closes: https://github.com/erikd/libsndfile/issues/229
+
+diff --git a/src/rf64.c b/src/rf64.c
+index b3d637fa..02dd9046 100644
+--- a/src/rf64.c
++++ b/src/rf64.c
+@@ -742,7 +742,7 @@ rf64_write_header (SF_PRIVATE *psf, int calc_length)
+
+ pad_size = psf->dataoffset - 16 - psf->header.indx ;
+ if (pad_size >= 0)
+- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ;
++ psf_binheader_writef (psf, "m4z", PAD_MARKER, (unsigned int) pad_size, make_size_t (pad_size)) ;
+
+ if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES))
+ psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ;