[SCM] sox/master: Add patch to fix CVE-2017-15642. (Closes: #882144)
mira-guest at users.alioth.debian.org
Mon Nov 20 12:21:31 UTC 2017
The following commit has been merged in the master branch:
commit 4f0a4b6eee7c9b38a9eed315bb90d9a1227cbc61
Author: Jaromír Mikeš <mira.mikes at seznam.cz>
Date: Mon Nov 20 13:20:47 2017 +0100
Add patch to fix CVE-2017-15642. (Closes: #882144)
diff --git a/debian/patches/0014-CVE-2017-15642.patch b/debian/patches/0014-CVE-2017-15642.patch
new file mode 100644
index 0000000..d43ef50
--- /dev/null
+++ b/debian/patches/0014-CVE-2017-15642.patch
@@ -0,0 +1,28 @@
+Description: This fixes a use after free and double free if an empty comment
+chunk follows a non-empty one.
+Author: Mans Rullgard <mans at mansr.com>
+Forwarded: not-needed
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: sox/src/aiff.c
+===================================================================
+--- sox.orig/src/aiff.c
++++ sox/src/aiff.c
+@@ -62,7 +62,6 @@ int lsx_aiffstartread(sox_format_t * ft)
+ size_t ssndsize = 0;
+ char *annotation;
+ char *author;
+- char *comment = NULL;
+ char *copyright;
+ char *nametext;
+
+@@ -270,6 +269,7 @@ int lsx_aiffstartread(sox_format_t * ft)
+ free(annotation);
+ }
+ else if (strncmp(buf, "COMT", (size_t)4) == 0) {
++ char *comment = NULL;
+ rc = commentChunk(&comment, "Comment:", ft);
+ if (rc) {
+ /* Fail already called in function */
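Review bot: In the second aiff.c hunk, `char *comment = NULL;` is now scoped to the COMT branch, so every exit from that branch has to release it there; the context stops at `if (rc) {`, so please check that this error path and the normal path both free `comment` before leaving the block, since nothing outside the branch can do so any more. On the header of the new patch file: the continuation line "chunk follows a non-empty one." starts in column 0, while DEP-3 expects a short one-line Description followed by continuation lines indented with a space. The header also has no link back to the bug, so consider adding `Bug-Debian: https://bugs.debian.org/882144` and naming CVE-2017-15642 in the Description rather than only in the filename.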
diff --git a/debian/patches/series b/debian/patches/series
index 0c59f51..af0dd6a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@
0011-lintian-man-sox.patch
0012-xa-validate-channel-count.patch
0013-CVE-2017-15372.patch
+0014-CVE-2017-15642.patch
--
sox packaging