Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2022-01-05 13:39:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new.1896 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsndfile"
Wed Jan 5 13:39:11 2022 rev:61 rq:943532 version:1.0.31
Changes:
--------
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes 2021-07-26 17:38:05.386094594 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new.1896/libsndfile.changes 2022-01-05 13:39:18.993505007 +0100
@@ -1,0 +2,7 @@
+Mon Jan 3 08:35:12 CET 2022 - ti...@suse.de
+
+- Fix heap buffer overflow in flac_buffer_copy (CVE-2021-4156,
+ bsc#1194006):
+ libsndfile-CVE-2021-4156.patch
+
+-------------------------------------------------------------------
New:
----
libsndfile-CVE-2021-4156.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsndfile-progs.spec ++++++
--- /var/tmp/diff_new_pack.z5vJfQ/_old 2022-01-05 13:39:19.769505616 +0100
+++ /var/tmp/diff_new_pack.z5vJfQ/_new 2022-01-05 13:39:19.773505620 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libsndfile-progs
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
++++++ libsndfile.spec ++++++
--- /var/tmp/diff_new_pack.z5vJfQ/_old 2022-01-05 13:39:19.793505636 +0100
+++ /var/tmp/diff_new_pack.z5vJfQ/_new 2022-01-05 13:39:19.797505639 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libsndfile
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -30,6 +30,7 @@
 Source3: baselibs.conf
 Patch34: sndfile-deinterlace-channels-check.patch
 Patch35: ms_adpcm-Fix-and-extend-size-checks.patch
+Patch40: libsndfile-CVE-2021-4156.patch
 # PATCH-FIX-OPENSUSE
 Patch100: sndfile-ocloexec.patch
 BuildRequires: cmake
++++++ libsndfile-CVE-2021-4156.patch ++++++
>From 4c30646abf7834e406f7e2429c70bc254e18beab Mon Sep 17 00:00:00 2001
From: yuawn <ssspee...@gmail.com>
Date: Wed, 14 Apr 2021 08:38:23 +0000
Subject: [PATCH] flac: Fix improper buffer reusing
---
 src/flac.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/src/flac.c b/src/flac.c
index 64d0172e6..800d81078 100644
--- a/src/flac.c
+++ b/src/flac.c
@@ -62,6 +62,7 @@ typedef struct
 FLAC__StreamMetadata *metadata ;
 const int32_t * const * wbuffer ;
+ unsigned wbuffer_size ;
 int32_t * rbuffer [FLAC__MAX_CHANNELS] ;
 int32_t* encbuffer ;
@@ -188,6 +189,12 @@ flac_buffer_copy (SF_PRIVATE *psf)
 return 0 ;
 } ;
+ if (frame->header.blocksize > pflac->wbuffer_size)
+ { psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > pflac->wbuffer_size (%d)\n", __func__, __LINE__, frame->header.blocksize, pflac->wbuffer_size) ;
+ psf->error = SFE_INTERNAL ;
+ return 0 ;
+ } ;
+
 if (frame->header.channels > FLAC__MAX_CHANNELS)
 psf_log_printf (psf, "Ooops : frame->header.channels (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n", __func__, __LINE__, frame->header.channels, FLAC__MAX_CHANNELS) ;
@@ -393,6 +400,7 @@ sf_flac_write_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC
 pflac->bufferpos = 0 ;
 pflac->wbuffer = buffer ;
+ pflac->wbuffer_size = pflac->frame->header.blocksize ;
 flac_buffer_copy (psf) ;
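Review bot: The new `wbuffer_size` member in the `-62,6 +62,7` hunk has no comment saying what it counts or which pointer it belongs to, although the bounds check added in `flac_buffer_copy` relies on both. Going by the assignment in `sf_flac_write_callback`, it holds the `blocksize` of the frame that was current when `wbuffer` was stored, so I would add `/* blocksize of the frame that wbuffer was stored with; upper bound for reads from wbuffer */` beside it. The struct definition starts and ends outside this hunk.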
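Review bot: The `psf_log_printf` call inside the new blocksize guard (hunk `-188,6 +189,12`) passes four arguments, `__func__`, `__LINE__`, `frame->header.blocksize` and `pflac->wbuffer_size`, to a format string that has only two `%d` conversions. The first `%d` therefore consumes the `__func__` string pointer and the two sizes are never printed, so the log entry for a rejected file is misleading exactly when someone is triaging a malformed FLAC stream. Either drop the two extra arguments or give them conversions, for example `"%s:%d : frame->header.blocksize (%u) > pflac->wbuffer_size (%u)\n"`, assuming `psf_log_printf` handles `%s` and `%u`. The channels check in the context lines below appears to have the same mismatch and names `FLAC__MAX_BLOCK_SIZE` in a message about `FLAC__MAX_CHANNELS`. `flac_buffer_copy` continues outside the hunk.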