summaryrefslogtreecommitdiff
path: root/recipes/libvorbis
diff options
context:
space:
mode:
Diffstat (limited to 'recipes/libvorbis')
-rw-r--r--recipes/libvorbis/libvorbis/m4.patch11
-rw-r--r--recipes/libvorbis/libvorbis/r14598-CVE-2008-1420.patch36
-rw-r--r--recipes/libvorbis/libvorbis/r14602-CVE-2008-1419.patch15
-rw-r--r--recipes/libvorbis/libvorbis/r14602-CVE-2008-1423.patch15
-rw-r--r--recipes/libvorbis/libvorbis_1.0.1.bb32
-rw-r--r--recipes/libvorbis/libvorbis_1.2.0.bb35
6 files changed, 144 insertions, 0 deletions
diff --git a/recipes/libvorbis/libvorbis/m4.patch b/recipes/libvorbis/libvorbis/m4.patch
new file mode 100644
index 0000000000..797a6b62a5
--- /dev/null
+++ b/recipes/libvorbis/libvorbis/m4.patch
@@ -0,0 +1,11 @@
+--- libvorbis-1.0.1/vorbis.m4.orig 2002-08-14 20:25:39 +0200
++++ libvorbis-1.0.1/vorbis.m4 2004-08-12 12:58:13 +0200
+@@ -6,7 +6,7 @@
+ dnl XIPH_PATH_VORBIS([ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND]])
+ dnl Test for libvorbis, and define VORBIS_CFLAGS and VORBIS_LIBS
+ dnl
+-AC_DEFUN(XIPH_PATH_VORBIS,
++AC_DEFUN([XIPH_PATH_VORBIS],
+ [dnl
+ dnl Get the cflags and libraries
+ dnl
diff --git a/recipes/libvorbis/libvorbis/r14598-CVE-2008-1420.patch b/recipes/libvorbis/libvorbis/r14598-CVE-2008-1420.patch
new file mode 100644
index 0000000000..5fb5b2acda
--- /dev/null
+++ b/recipes/libvorbis/libvorbis/r14598-CVE-2008-1420.patch
@@ -0,0 +1,36 @@
+patch taken from redhat
+
+Index: libvorbis-1.2.0/lib/res0.c
+===================================================================
+--- libvorbis-1.2.0/lib/res0.c (revision 14597)
++++ libvorbis-1.2.0/lib/res0.c (revision 14598)
+@@ -223,6 +223,20 @@
+ for(j=0;j<acc;j++)
+ if(info->booklist[j]>=ci->books)goto errout;
+
++ /* verify the phrasebook is not specifying an impossible or
++ inconsistent partitioning scheme. */
++ {
++ int entries = ci->book_param[info->groupbook]->entries;
++ int dim = ci->book_param[info->groupbook]->dim;
++ int partvals = 1;
++ while(dim>0){
++ partvals *= info->partitions;
++ if(partvals > entries) goto errout;
++ dim--;
++ }
++ if(partvals != entries) goto errout;
++ }
++
+ return(info);
+ errout:
+ res0_free_info(info);
+@@ -263,7 +277,7 @@
+ }
+ }
+
+- look->partvals=rint(pow((float)look->parts,(float)dim));
++ look->partvals=look->phrasebook->entries;
+ look->stages=maxstage;
+ look->decodemap=_ogg_malloc(look->partvals*sizeof(*look->decodemap));
+ for(j=0;j<look->partvals;j++){
diff --git a/recipes/libvorbis/libvorbis/r14602-CVE-2008-1419.patch b/recipes/libvorbis/libvorbis/r14602-CVE-2008-1419.patch
new file mode 100644
index 0000000000..b9d6b7adb5
--- /dev/null
+++ b/recipes/libvorbis/libvorbis/r14602-CVE-2008-1419.patch
@@ -0,0 +1,15 @@
+patch taken from redhat
+
+Index: libvorbis-1.2.0/lib/codebook.c
+===================================================================
+--- libvorbis-1.2.0/lib/codebook.c (revision 14601)
++++ libvorbis-1.2.0/lib/codebook.c (revision 14602)
+@@ -225,7 +225,7 @@
+ int quantvals=0;
+ switch(s->maptype){
+ case 1:
+- quantvals=_book_maptype1_quantvals(s);
++ quantvals=(s->dim==0?0:_book_maptype1_quantvals(s));
+ break;
+ case 2:
+ quantvals=s->entries*s->dim;
diff --git a/recipes/libvorbis/libvorbis/r14602-CVE-2008-1423.patch b/recipes/libvorbis/libvorbis/r14602-CVE-2008-1423.patch
new file mode 100644
index 0000000000..d912c57f79
--- /dev/null
+++ b/recipes/libvorbis/libvorbis/r14602-CVE-2008-1423.patch
@@ -0,0 +1,15 @@
+patch taken from redhat
+
+Index: libvorbis-1.2.0/lib/codebook.c
+===================================================================
+--- libvorbis-1.2.0/lib/codebook.c (revision 14603)
++++ libvorbis-1.2.0/lib/codebook.c (revision 14604)
+@@ -159,6 +159,8 @@
+ s->entries=oggpack_read(opb,24);
+ if(s->entries==-1)goto _eofout;
+
++ if(_ilog(s->dim)+_ilog(s->entries)>24)goto _eofout;
++
+ /* codeword ordering.... length ordered or unordered? */
+ switch((int)oggpack_read(opb,1)){
+ case 0:
diff --git a/recipes/libvorbis/libvorbis_1.0.1.bb b/recipes/libvorbis/libvorbis_1.0.1.bb
new file mode 100644
index 0000000000..8a2d17a0ad
--- /dev/null
+++ b/recipes/libvorbis/libvorbis_1.0.1.bb
@@ -0,0 +1,32 @@
+SECTION = "libs"
+DEPENDS = "libogg"
+DESCRIPTION = "Ogg Vorbis is a high-quality lossy audio codec \
+that is free of intellectual property restrictions. libvorbis \
+is the main vorbis codec library."
+LICENSE = "BSD"
+PR = "r2"
+
+SRC_URI = "http://www.vorbis.com/files/${PV}/unix/libvorbis-${PV}.tar.gz \
+file://m4.patch;patch=1"
+
+inherit autotools pkgconfig
+
+# vorbisfile.c reveals a problem in the gcc register spilling for the
+# thumb instruction set...
+FULL_OPTIMIZATION_thumb = "-O0"
+
+EXTRA_OECONF = "--with-ogg-libraries=${STAGING_LIBDIR} \
+ --with-ogg-includes=${STAGING_INCDIR}"
+
+do_stage () {
+ oe_libinstall -a -so -C lib libvorbis ${STAGING_LIBDIR}
+ oe_libinstall -a -so -C lib libvorbisfile ${STAGING_LIBDIR}
+ oe_libinstall -a -so -C lib libvorbisenc ${STAGING_LIBDIR}
+
+ install -d ${STAGING_INCDIR}/vorbis
+ install -m 0644 include/vorbis/vorbisenc.h \
+ include/vorbis/vorbisfile.h \
+ include/vorbis/codec.h ${STAGING_INCDIR}/vorbis/
+ install -d ${STAGING_DATADIR}/aclocal
+ install -m 0644 vorbis.m4 ${STAGING_DATADIR}/aclocal/
+}
diff --git a/recipes/libvorbis/libvorbis_1.2.0.bb b/recipes/libvorbis/libvorbis_1.2.0.bb
new file mode 100644
index 0000000000..30031ad5e8
--- /dev/null
+++ b/recipes/libvorbis/libvorbis_1.2.0.bb
@@ -0,0 +1,35 @@
+SECTION = "libs"
+DEPENDS = "libogg"
+DESCRIPTION = "Ogg Vorbis is a high-quality lossy audio codec \
+that is free of intellectual property restrictions. libvorbis \
+is the main vorbis codec library."
+LICENSE = "BSD"
+PR = "1"
+
+SRC_URI = "http://downloads.xiph.org/releases/vorbis/libvorbis-${PV}.tar.gz \
+ file://r14598-CVE-2008-1420.patch;patch=1 \
+ file://r14602-CVE-2008-1419.patch;patch=1 \
+ file://r14602-CVE-2008-1423.patch;patch=1 \
+ "
+
+inherit autotools pkgconfig
+
+# vorbisfile.c reveals a problem in the gcc register spilling for the
+# thumb instruction set...
+FULL_OPTIMIZATION_thumb = "-O0"
+
+EXTRA_OECONF = "--with-ogg-libraries=${STAGING_LIBDIR} \
+ --with-ogg-includes=${STAGING_INCDIR}"
+
+do_stage () {
+ oe_libinstall -a -so -C lib libvorbis ${STAGING_LIBDIR}
+ oe_libinstall -a -so -C lib libvorbisfile ${STAGING_LIBDIR}
+ oe_libinstall -a -so -C lib libvorbisenc ${STAGING_LIBDIR}
+
+ install -d ${STAGING_INCDIR}/vorbis
+ install -m 0644 include/vorbis/vorbisenc.h \
+ include/vorbis/vorbisfile.h \
+ include/vorbis/codec.h ${STAGING_INCDIR}/vorbis/
+ install -d ${STAGING_DATADIR}/aclocal
+ install -m 0644 vorbis.m4 ${STAGING_DATADIR}/aclocal/
+}