diff options
-rw-r--r-- | meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch | 24 | ||||
-rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb | 1 |
2 files changed, 25 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch new file mode 100644 index 0000000000..b54b3ba669 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/files/libsndfile-fix-CVE-2014-9756.patch @@ -0,0 +1,24 @@ +src/file_io.c : Prevent potential divide-by-zero. + +Closes: https://github.com/erikd/libsndfile/issues/92 + +Upstream-Status: Backport + +Fixes CVE-2014-9756 + +Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com> +Signed-off-by: Maxin B. John <maxin.john@intel.com> +--- +diff -Naur libsndfile-1.0.25-orig/src/file_io.c libsndfile-1.0.25/src/file_io.c +--- libsndfile-1.0.25-orig/src/file_io.c 2011-01-19 12:12:28.000000000 +0200 ++++ libsndfile-1.0.25/src/file_io.c 2015-11-04 15:02:04.337395618 +0200 +@@ -358,6 +358,9 @@ + { sf_count_t total = 0 ; + ssize_t count ; + ++ if (bytes == 0 || items == 0) ++ return 0 ; ++ + if (psf->virtual_io) + return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ; + diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb index 3e02f4ea78..be875c227b 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.25.bb @@ -9,6 +9,7 @@ PR = "r2" SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch \ file://0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch \ + file://libsndfile-fix-CVE-2014-9756.patch \ " SRC_URI[md5sum] = "e2b7bb637e01022c7d20f95f9c3990a2" |