diff options
author | James Meyer <james.meyer@operamail.com> | 2010-10-23 18:17:40 (GMT) |
---|---|---|
committer | James Meyer <james.meyer@operamail.com> | 2010-10-23 18:19:39 (GMT) |
commit | adbcf19958300e9b6598990184c8815b945ba0ee (patch) | |
tree | f4283c850ac0ac202c17e78a637ee7ca8147621b /abs/core-testing/libsndfile/overflow.dpatch | |
parent | 61a68250df10d29b624650948484898334ff22d0 (diff) | |
download | linhes_pkgbuild-adbcf19958300e9b6598990184c8815b945ba0ee.zip linhes_pkgbuild-adbcf19958300e9b6598990184c8815b945ba0ee.tar.gz linhes_pkgbuild-adbcf19958300e9b6598990184c8815b945ba0ee.tar.bz2 |
Removed old core and extra from repo. Renamed -testing to core/extra. This will setup the base for the testing branch.
Diffstat (limited to 'abs/core-testing/libsndfile/overflow.dpatch')
-rw-r--r-- | abs/core-testing/libsndfile/overflow.dpatch | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/abs/core-testing/libsndfile/overflow.dpatch b/abs/core-testing/libsndfile/overflow.dpatch deleted file mode 100644 index 108b68c..0000000 --- a/abs/core-testing/libsndfile/overflow.dpatch +++ /dev/null @@ -1,46 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## overflow.dpatch by Samuel Mimram <smimram@debian.org> -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Fix a buffer overflow (CVE-2007-4974). See #443386. - -@DPATCH@ -diff -urNad libsndfile-1.0.17~/src/flac.c libsndfile-1.0.17/src/flac.c ---- libsndfile-1.0.17~/src/flac.c 2007-09-20 23:38:16.000000000 +0000 -+++ libsndfile-1.0.17/src/flac.c 2007-09-20 23:38:16.000000000 +0000 -@@ -57,7 +57,7 @@ - ** Private static functions. - */ - --#define ENC_BUFFER_SIZE 4096 -+#define ENC_BUFFER_SIZE 8192 - - typedef enum - { PFLAC_PCM_SHORT = 0, -@@ -202,6 +202,17 @@ - const FLAC__int32* const *buffer = pflac->wbuffer ; - unsigned i = 0, j, offset ; - -+ /* -+ ** frame->header.blocksize is variable and we're using a constant blocksize -+ ** of FLAC__MAX_BLOCK_SIZE. -+ ** Check our assumptions here. -+ */ -+ if (frame->header.blocksize > FLAC__MAX_BLOCK_SIZE) -+ { psf_log_printf (psf, "Ooops : frame->header.blocksize (%d) > FLAC__MAX_BLOCK_SIZE (%d)\n", __func__, __LINE__, frame->header.blocksize, FLAC__MAX_BLOCK_SIZE) ; -+ psf->error = SFE_INTERNAL ; -+ return 0 ; -+ } ; -+ - if (pflac->ptr == NULL) - { /* - ** Not sure why this code is here and not elsewhere. -@@ -210,7 +221,7 @@ - pflac->bufferbackup = SF_TRUE ; - for (i = 0 ; i < frame->header.channels ; i++) - { if (pflac->rbuffer [i] == NULL) -- pflac->rbuffer [i] = calloc (frame->header.blocksize, sizeof (FLAC__int32)) ; -+ pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (FLAC__int32)) ; - memcpy (pflac->rbuffer [i], buffer [i], frame->header.blocksize * sizeof (FLAC__int32)) ; - } ; - pflac->wbuffer = (const FLAC__int32* const*) pflac->rbuffer ; |