Commit a9690f97 authored by Síle Ekaterin Liszka's avatar Síle Ekaterin Liszka

user/wavpack: patches for CVEs 2018-19840 & -19841

parent 20f6886b
......@@ -3,7 +3,7 @@
# Maintainer:
pkgname=wavpack
pkgver=5.1.0
pkgrel=3
pkgrel=4
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
......@@ -12,9 +12,15 @@ license="BSD-3-Clause"
depends=""
makedepends=""
subpackages="$pkgname-dev $pkgname-doc"
source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
cve2018-19840.patch
cve2018-19841.patch
"
# secfixes:
# 5.1.0-r4:
# - CVE-2018-19840
# - CVE-2018-19840
# 5.1.0-r0:
# - CVE-2016-10169
# - CVE-2016-10170
......@@ -46,4 +52,6 @@ package() {
make DESTDIR="$pkgdir" install
}
sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2"
sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2
67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch
dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 cve2018-19841.patch"
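Review bot: The new secfixes entry under `# 5.1.0-r4:` lists CVE-2018-19840 twice and never records CVE-2018-19841, although cve2018-19841.patch is added to source and sha512sums in this same change and the commit title names both CVEs. The second line should read `# - CVE-2018-19841`. Tooling that reads secfixes to decide which advisories a package release covers would otherwise report 19841 as still unfixed for 5.1.0-r4, so this is worth correcting before merge.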
From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001
From: David Bryant <david@wavpack.com>
Date: Thu, 29 Nov 2018 21:00:42 -0800
Subject: [PATCH] issue #53: error out on zero sample rate
---
src/pack_utils.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/pack_utils.c b/src/pack_utils.c
index 2253f0d..2a83497 100644
--- a/src/pack_utils.c
+++ b/src/pack_utils.c
@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
int num_chans = config->num_channels;
int i;
+ if (!config->sample_rate) {
+ strcpy (wpc->error_message, "sample rate cannot be zero!");
+ return FALSE;
+ }
+
wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {
From bba5389dc598a92bdf2b297c3ea34620b6679b5b Mon Sep 17 00:00:00 2001
From: David Bryant <david@wavpack.com>
Date: Thu, 29 Nov 2018 21:53:51 -0800
Subject: [PATCH] issue #54: fix potential out-of-bounds heap read
---
src/open_utils.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/open_utils.c b/src/open_utils.c
index 80051fc..4fe0d67 100644
--- a/src/open_utils.c
+++ b/src/open_utils.c
@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum)
#endif
if (meta_bc == 4) {
- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff))
+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff))
return FALSE;
}
else {
csum ^= csum >> 16;
- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff))
+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff))
return FALSE;
}