author | Leo <thinkabit.ukim@gmail.com> | 2019-07-16 05:22:34 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2019-07-16 07:03:25 -0300 |
commit | 95942be17b87677d6a63df31d34f02cf786f29c0 (patch) | |
tree | 38d66351a5e91ff0d2e2c6962b4a8a4a1fefe8e0 | |
parent | 2c6453a2a13b679695f092e59ee53e7cedafdf90 (diff) |
community/sox: backport fix for CVEs
-rw-r--r-- | community/sox/APKBUILD | 16 | ||||
-rw-r--r-- | community/sox/CVE-2019-8355.patch | 45 | ||||
-rw-r--r-- | community/sox/CVE-2019-8356.patch | 74 | ||||
-rw-r--r-- | community/sox/CVE-2019-8357.patch | 12 |
4 files changed, 145 insertions, 2 deletions
diff --git a/community/sox/APKBUILD b/community/sox/APKBUILD index e50a1d5d755..1c6c41a6f80 100644 --- a/community/sox/APKBUILD +++ b/community/sox/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=sox pkgver=14.4.2 -pkgrel=2 +pkgrel=3 pkgdesc="The Swiss Army knife of sound processing tools" url="http://sox.sourceforge.net/" arch="all" @@ -18,8 +18,17 @@ subpackages="$pkgname-dev $pkgname-doc" source="https://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.gz sox-uclibc.patch sox-dynamic.patch + CVE-2019-8357.patch + CVE-2019-8356.patch + CVE-2019-8355.patch " +# secfixes: +# 14.4.2-r3: +# - CVE-2019-8357 +# - CVE-2019-8356 +# - CVE-2019-8355 + prepare() { cd "$builddir" default_prepare @@ -47,4 +56,7 @@ package() { } sha512sums="b5c6203f4f5577503a034fe5b3d6a033ee97fe4d171c533933e2b036118a43a14f97c9668433229708609ccf9ee16abdeca3fc7501aa0aafe06baacbba537eca sox-14.4.2.tar.gz 08c55a0de96733e10544d450f39c2205b4057b9fc024503ec97b1906a075752ee8a4b0a1b4c5bbad2eebec17bcf8d069b22d243a63d28b77c23d545efcca6aec sox-uclibc.patch -3950834db26faa0523006c6fd8e0769d080518f127d345c8ec9bf53e9db8a6bd67cd724f0f86492aaf9ce6ede2dfbde167049768f35c14ef3c2b96e7e00302b6 sox-dynamic.patch" +3950834db26faa0523006c6fd8e0769d080518f127d345c8ec9bf53e9db8a6bd67cd724f0f86492aaf9ce6ede2dfbde167049768f35c14ef3c2b96e7e00302b6 sox-dynamic.patch +b5daae78fc4eb855049c298da98ff6bb16933fb9b308801c02853fe58fb9086304343007740e2783a64fddc09c3ba576645e10cf4d5fe24f99ae98c4c1d943d7 CVE-2019-8357.patch +38f0572603181422ffa9d25ee17dea924b9b523803d0a835039c64aab1408d8e7cc36f9d2285d6d9a310901c3449b90ccc34da1273e33842e9f0634a5bb2757f CVE-2019-8356.patch +7a5499a5dea5635eb67703f95144e57b68c4c0c50aea04f2ecbfffd4cdd31cc183d97410da4f79cdbb9af4f357792a04fc7496f031cd2e30eb9dacf258050ff3 CVE-2019-8355.patch" diff --git a/community/sox/CVE-2019-8355.patch b/community/sox/CVE-2019-8355.patch new file mode 100644 index 00000000000..0936b38d514 --- /dev/null 
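Review bot: The three patch files added to `source=` in the second hunk carry no provenance, and neither the new `# secfixes:` block nor the patch files themselves (see the later sections of this commit) say where the backports come from. Each of CVE-2019-8357.patch, CVE-2019-8356.patch and CVE-2019-8355.patch should open with a short header naming the origin (upstream commit id or the distribution it was taken from, as a placeholder until known) and the CVE it addresses, so a later rebase onto a new sox release can verify the change against upstream and drop the patch when it lands. A one-line `# CVE patches below: origin is recorded in each patch header` comment above the `source=` list covers the APKBUILD side. The pkgrel bump, the `14.4.2-r3` entry and the added sha512sums are consistent with the new files.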
+++ b/community/sox/CVE-2019-8355.patch 
@@ -0,0 +1,45 @@ +diff --git a/src/Makefile.am b/src/Makefile.am +index 4e50abb..c76c812 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -95,7 +95,7 @@ libsox_la_LIBADD += @GOMP_LIBS@ + + libsox_la_CFLAGS = @WARN_CFLAGS@ + libsox_la_LDFLAGS = @APP_LDFLAGS@ -version-info @SHLIB_VERSION@ \ +- -export-symbols-regex '^(sox_.*|lsx_(error|flush|check_read_params|(close|open)_dllibrary|(debug(_more|_most)?|fail|report|warn)_impl|eof|fail_errno|filelength|find_(enum_(text|value)|file_extension)|getopt(_init)?|lpc10_(create_(de|en)coder_state|(de|en)code)|raw(read|write)|read(_b_buf|buf|chars)|realloc|rewind|seeki|sigfigs3p?|strcasecmp|tell|unreadb|write(b|_b_buf|buf|s)))$$' ++ -export-symbols-regex '^(sox_.*|lsx_(([cm]|re)alloc.*|check_read_params|(close|open)_dllibrary|(debug(_more|_most)?|fail|report|warn)_impl|eof|error|fail_errno|filelength|find_(enum_(text|value)|file_extension)|flush|getopt(_init)?|lpc10_(create_(de|en)coder_state|(de|en)code)|raw(read|write)|read(_b_buf|buf|chars)|rewind|seeki|sigfigs3p?|strcasecmp|strdup|tell|unreadb|write(b|_b_buf|buf|s)))$$' + + if HAVE_WIN32_LTDL + libsox_la_SOURCES += win32-ltdl.c win32-ltdl.h +diff --git a/src/xmalloc.c b/src/xmalloc.c +index 9bf1596..5ca7cdd 100644 +--- a/src/xmalloc.c ++++ b/src/xmalloc.c +@@ -41,3 +41,13 @@ void *lsx_realloc(void *ptr, size_t newsize) + + return ptr; + } ++ ++void *lsx_realloc_array(void *p, size_t n, size_t size) ++{ ++ if (n > (size_t)-1 / size) { ++ lsx_fail("malloc size overflow"); ++ exit(2); ++ } ++ ++ return lsx_realloc(p, n * size); ++} +diff --git a/src/xmalloc.h b/src/xmalloc.h +index 9ee77f6..d708a90 100644 +--- a/src/xmalloc.h ++++ b/src/xmalloc.h +@@ -28,7 +28,7 @@ + #define lsx_Calloc(v,n) v = lsx_calloc(n,sizeof(*(v))) + #define lsx_strdup(p) ((p)? strcpy((char *)lsx_malloc(strlen(p) + 1), p) : NULL) + #define lsx_memdup(p,s) ((p)? 
memcpy(lsx_malloc(s), p, s) : NULL) +-#define lsx_valloc(v,n) v = lsx_malloc((n)*sizeof(*(v))) +-#define lsx_revalloc(v,n) v = lsx_realloc(v, (n)*sizeof(*(v))) ++#define lsx_valloc(v,n) v = lsx_realloc_array(NULL, n, sizeof(*(v))) ++#define lsx_revalloc(v,n) v = lsx_realloc_array(v, n, sizeof(*(v))) + + #endif diff --git a/community/sox/CVE-2019-8356.patch b/community/sox/CVE-2019-8356.patch new file mode 100644 index 00000000000..a9ae615bf8b --- /dev/null +++ b/community/sox/CVE-2019-8356.patch @@ -0,0 +1,74 @@ +--- a/src/fft4g.h ++++ b/src/fft4g.h +@@ -12,6 +12,8 @@ + * along with this library; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + */ ++ ++#define FFT4G_MAX_SIZE 262144 + + void lsx_cdft(int, int, double *, int *, double *); + void lsx_rdft(int, int, double *, int *, double *); + +--- a/src/fft4g.c ++++ b/src/fft4g.c +@@ -322,6 +322,9 @@ + + void cdft(int n, int isgn, double *a, int *ip, double *w) + { ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + if (n > (ip[0] << 2)) { + makewt(n >> 2, ip, w); + } +@@ -344,6 +347,9 @@ + int nw, nc; + double xi; + ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + nw = ip[0]; + if (n > (nw << 2)) { + nw = n >> 2; +@@ -384,6 +390,9 @@ + int j, nw, nc; + double xr; + ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + nw = ip[0]; + if (n > (nw << 2)) { + nw = n >> 2; +@@ -435,6 +444,9 @@ + int j, nw, nc; + double xr; + ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + nw = ip[0]; + if (n > (nw << 2)) { + nw = n >> 2; +@@ -486,6 +498,9 @@ + int j, k, l, m, mh, nw, nc; + double xr, xi, yr, yi; + ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + nw = ip[0]; + if (n > (nw << 3)) { + nw = n >> 3; +@@ -576,6 +591,9 @@ + int j, k, l, m, mh, nw, nc; + double xr, xi, yr, yi; + ++ if (n > FFT4G_MAX_SIZE) ++ return; ++ + nw = ip[0]; + if (n > (nw << 3)) { + nw = n >> 3; 
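Review bot: `lsx_realloc_array` is defined in the xmalloc.c hunk but this patch adds no prototype for it: the xmalloc.h hunk only rewrites the `lsx_valloc`/`lsx_revalloc` macros, and the 45-line count of the patch leaves no room for another hunk, so unless a declaration already exists above line 28 of xmalloc.h or in another header, every expansion of those macros calls an undeclared function and its `void *` return goes through an implicit `int` declaration, which truncates pointers on 64-bit targets. Add `void *lsx_realloc_array(void *p, size_t n, size_t size);` next to the existing `lsx_realloc` declaration in xmalloc.h. The overflow check `n > (size_t)-1 / size` is also undefined when `size` is 0; the macros always pass `sizeof(*(v))`, so that cannot happen through them, but the Makefile.am regex now exports `lsx_realloc_array` as a public symbol callable directly, so `if (size == 0 || n > (size_t)-1 / size)` is the safer guard. The `exit(2)` on overflow presumably mirrors what `lsx_realloc` does on allocation failure; that body is outside the hunk, so confirm the two agree.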
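Review bot: The `if (n > FFT4G_MAX_SIZE) return;` guards added at the top of `cdft` and the five other transforms patched in fft4g.c fail silently: the output array `a` is left untouched and these void functions give the caller no signal, so a caller that passes an oversized `n` continues with unprocessed data instead of an error. Since the cap exists to keep `n` within what the `ip`/`w` work tables can hold (the `makewt(n >> 2, ip, w)` call right after the guard is the only use visible here, so this is inferred), the rejection should at least be visible: give the new macro in fft4g.h a comment such as `/* Largest transform length accepted; larger n is rejected before the ip/w tables are indexed — TODO confirm against callers' table sizes */`, and consider an `assert`-style diagnostic at the guard so the silent no-op does not hide a bug. The guard does not cover `n <= 0`, which was already unchecked before this patch and is out of scope here. Each guarded function begins and ends outside its hunk.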
diff --git a/community/sox/CVE-2019-8357.patch b/community/sox/CVE-2019-8357.patch new file mode 100644 index 00000000000..6f0bf72e536 --- /dev/null +++ b/community/sox/CVE-2019-8357.patch @@ -0,0 +1,12 @@ +--- a/src/effects_i_dsp.c ++++ b/src/effects_i_dsp.c +@@ -362,6 +362,9 @@ + assert(Fc >= 0 && Fc <= 1); + lsx_debug("make_lpf(n=%i Fc=%.7g β=%g ρ=%g dc-norm=%i scale=%g)", num_taps, Fc, beta, rho, dc_norm, scale); + ++ if (!h) ++ return NULL; ++ + for (i = 0; i <= m / 2; ++i) { + double z = i - .5 * m, x = z * M_PI, y = z * mult1; + h[i] = x? sin(Fc * x) / x : Fc; |
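Review bot: The `if (!h) return NULL;` added after the `lsx_debug` call only handles the allocation of `h` returning NULL; the allocation itself sits above the hunk and is not visible, and if its size is computed from `num_taps` as the debug message suggests, an overflowed size still yields a too-small buffer that the `h[i] = ...` writes in the loop below overrun, so the size computation needs its own overflow check (the `lsx_realloc_array` helper introduced by CVE-2019-8355.patch in the same commit would serve). Returning NULL is a new contract for this function, so every caller must now check the result or the dereference merely moves up one level; the enclosing function begins and ends outside the hunk, so its return type and callers cannot be confirmed here. Add a brief comment on the new lines: `/* allocation failed; callers must handle a NULL return */`.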