[SCM] wavpack/master: Upstream patch for the CVEs

Mon Jan 30 20:06:31 UTC 2017

The following commit has been merged in the master branch:
commit 47c09fe288de9fe6d1fbfd1f477aac47098ef45a
Author: Sebastian Ramacher <sramacher at debian.org>
Date:   Mon Jan 30 21:04:19 2017 +0100

    Upstream patch for the CVEs

diff --git a/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
new file mode 100644
index 0000000..62346c7
--- /dev/null
+++ b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
@@ -0,0 +1,52 @@
+From 4bc05fc490b66ef2d45b1de26abf1455b486b0dc Mon Sep 17 00:00:00 2001
+From: David Bryant <david at wavpack.com>
+Date: Wed, 21 Dec 2016 22:18:36 -0800
+Subject: [PATCH] fixes for 4 fuzz failures posted to SourceForge mailing list
+
+---
+ src/open_utils.c | 6 +++++-
+ src/read_words.c | 4 ++++
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index 7519f99..a844046 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -560,7 +560,7 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd)
+ 
+     // if there's any data, the first two bytes are file_format and qmode flags
+ 
+-    if (bytecnt) {
++    if (bytecnt >= 2) {
+         wpc->file_format = *byteptr++;
+         wpc->config.qmode = (wpc->config.qmode & ~0xff) | *byteptr++;
+         bytecnt -= 2;
+@@ -593,6 +593,10 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd)
+                         for (i = 0; i < nchans; ++i)
+                             if (bytecnt) {
+                                 wpc->channel_reordering [i] = *byteptr++;
++
++                                if (wpc->channel_reordering [i] >= nchans)  // make sure index is in range
++                                    wpc->channel_reordering [i] = 0;
++
+                                 bytecnt--;
+                             }
+                             else
+diff --git a/src/read_words.c b/src/read_words.c
+index 62acac3..a537bfa 100644
+--- a/src/read_words.c
++++ b/src/read_words.c
+@@ -288,6 +288,10 @@ int32_t FASTCALL get_word (WavpackStream *wps, int chan, int32_t *correction)
+ 
+     low &= 0x7fffffff;
+     high &= 0x7fffffff;
++
++    if (low > high)         // make sure high and low make sense
++        high = low;
++
+     mid = (high + low + 1) >> 1;
+ 
+     if (!c->error_limit)
+-- 
+2.11.0
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..28b0d00
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch

-- 
wavpack packaging

