authorLeo <thinkabit.ukim@gmail.com>2019-08-23 11:43:03 -0300
committerNatanael Copa <ncopa@alpinelinux.org>2019-08-26 10:52:23 +0200
commit191092674935c795b8225c2830c1511c58e07b13 (patch)
tree45642416e2325c4916c7f7abec05dcc333e45c0d
parent9490e53a0c128131550462782a6f7808bfebb502 (diff)
main/wavpack: fix a few CVEs
ref #10756
-rw-r--r--main/wavpack/APKBUILD17
-rw-r--r--main/wavpack/CVE-2019-1010315.patch36
-rw-r--r--main/wavpack/CVE-2019-1010317.patch40
-rw-r--r--main/wavpack/CVE-2019-1010319.patch23
-rw-r--r--main/wavpack/CVE-2019-11498.patch32
5 files changed, 146 insertions, 2 deletions
diff --git a/main/wavpack/APKBUILD b/main/wavpack/APKBUILD
index 12b44ba3cb..f5b1af74a5 100644
--- a/main/wavpack/APKBUILD
+++ b/main/wavpack/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wavpack
pkgver=5.1.0
-pkgrel=3
+pkgrel=4
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
@@ -18,10 +18,19 @@ source="http://www.wavpack.com/${pkgname}-${pkgver}.tar.bz2
CVE-2018-10538_10539_10540.patch
CVE-2018-19840.patch
CVE-2018-19841.patch
+ CVE-2019-1010315.patch
+ CVE-2019-11498.patch
+ CVE-2019-1010317.patch
+ CVE-2019-1010319.patch
"
builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
+# 5.1.0-r4:
+# - CVE-2019-1010319
+# - CVE-2019-1010317
+# - CVE-2019-1010315
+# - CVE-2019-11498
# 5.1.0-r3:
# - CVE-2018-19840
# - CVE-2018-19841
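Review bot: The order of the four new `source=` entries is load-bearing, but nothing in the APKBUILD says so. CVE-2019-11498.patch is generated against the tree that CVE-2019-1010315.patch produces: its `index f357181..193adee` line starts from the blob the first patch ends on, and its context already contains the `if (!config->num_channels)` guard that the first patch adds. I would put a comment above the `source=` assignment, for example `# CVE-2019-11498.patch must come after CVE-2019-1010315.patch (both modify cli/dsdiff.c)`, so that a later re-sort or a dropped patch does not silently break the series.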
@@ -79,4 +88,8 @@ sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f4
fd7ff58c53f9b4cec335e36017c5b1709c5526a2d44a54dfbeb050ea303997418d1fa312ebe39f521a35a6f2151b8a0f5845ee9bf6bbda22bef036e9fc0166a5 CVE-2018-10536_10537.patch
a59eff2a8f47d4383f33667e7737f5e2e639778b367340169f1c5d6335c8948cfd8e1a7554e8b6c05a59d80a04048cf137c0f4fdfd88d2d88757404d3dac31ee CVE-2018-10538_10539_10540.patch
67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 CVE-2018-19840.patch
-dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 CVE-2018-19841.patch"
+dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 CVE-2018-19841.patch
+46d0fb4483e5ea824b1bce67f2ea76894e16b3f86cd28f234c1e393ea1d859ac304f44f22a7e32cdfbd83ff83d99fc147e0f9de932ee674c4f565cc92e279c28 CVE-2019-1010315.patch
+30ad915f481eef07737cb95e44c1988441b72d0fc6731c4e48b391deb44168ad7536e0e7c3c9363e18f27814cade4c784e9a61e6a46e103aa88db0b42cef57e3 CVE-2019-11498.patch
+91b0fdefdfe2a3f135f3fdf947b43a7bc347e4cd21804d0e4997066997a32bc9bb218cc2ef6b1733c011d83c22035efd22cf993b7af5d0fa540441a3e9685c3c CVE-2019-1010317.patch
+a180c662d41e96913b946782ae4679b944029d0d62161a7fc204c0b2ff898409a375a33d2376885fe425c449128de61f161867d1c264120682c0708aeea2d21e CVE-2019-1010319.patch"
diff --git a/main/wavpack/CVE-2019-1010315.patch b/main/wavpack/CVE-2019-1010315.patch
new file mode 100644
index 0000000000..b52d8884a0
--- /dev/null
+++ b/main/wavpack/CVE-2019-1010315.patch
@@ -0,0 +1,36 @@
+From 4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Sat, 2 Mar 2019 18:37:14 -0800
+Subject: [PATCH] issue #65: make sure DSDIFF files have a valid channel count
+
+---
+ cli/dsdiff.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/cli/dsdiff.c b/cli/dsdiff.c
+index 0ac4321..f357181 100644
+--- a/cli/dsdiff.c
++++ b/cli/dsdiff.c
+@@ -180,7 +180,7 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+
+ if (!strncmp (prop_chunk, "SND ", 4)) {
+ char *cptr = prop_chunk + 4, *eptr = prop_chunk + dff_chunk_header.ckDataSize;
+- uint16_t numChannels, chansSpecified, chanMask = 0;
++ uint16_t numChannels = 0, chansSpecified, chanMask = 0;
+ uint32_t sampleRate;
+
+ while (eptr - cptr >= sizeof (dff_chunk_header)) {
+@@ -279,6 +279,12 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+ free (prop_chunk);
+ }
+ else if (!strncmp (dff_chunk_header.ckID, "DSD ", 4)) {
++
++ if (!config->num_channels) {
++ error_line ("%s is not a valid .DFF file!", infilename);
++ return WAVPACK_SOFT_ERROR;
++ }
++
+ total_samples = dff_chunk_header.ckDataSize / config->num_channels;
+ break;
+ }
+
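Review bot: The new guard in the `DSD ` branch carries no comment saying which condition it catches, and its link to the `numChannels = 0` initialiser in the first hunk cannot be seen from either site. I would add `// num_channels stays 0 when no usable PROP/SND chunk was parsed; reject before dividing by it` above `if (!config->num_channels)`. The statement that copies numChannels into config->num_channels lies outside both hunks, so that link is inferred rather than shown. CVE-2019-11498.patch repeats the pattern with `sampleRate = 0` and `!config->sample_rate`, and the same comment would cover it.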
diff --git a/main/wavpack/CVE-2019-1010317.patch b/main/wavpack/CVE-2019-1010317.patch
new file mode 100644
index 0000000000..94f90275b8
--- /dev/null
+++ b/main/wavpack/CVE-2019-1010317.patch
@@ -0,0 +1,40 @@
+From f68a9555b548306c5b1ee45199ccdc4a16a6101b Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Mon, 4 Mar 2019 21:09:41 -0800
+Subject: [PATCH] issue #66: make sure CAF files have a "desc" chunk
+
+---
+ cli/caff.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/cli/caff.c b/cli/caff.c
+index 2a5e2d9..a35da74 100644
+--- a/cli/caff.c
++++ b/cli/caff.c
+@@ -152,7 +152,7 @@ static struct {
+
+ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackContext *wpc, WavpackConfig *config)
+ {
+- uint32_t chan_chunk = 0, channel_layout = 0, bcount;
++ uint32_t chan_chunk = 0, desc_chunk = 0, channel_layout = 0, bcount;
+ unsigned char *channel_identities = NULL;
+ unsigned char *channel_reorder = NULL;
+ int64_t total_samples = 0, infilesize;
+@@ -218,6 +218,7 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ }
+
+ WavpackBigEndianToNative (&caf_audio_format, CAFAudioFormatFormat);
++ desc_chunk = 1;
+
+ if (debug_logging_mode) {
+ char formatstr [5];
+@@ -458,7 +459,7 @@ int ParseCaffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpack
+ else if (!strncmp (caf_chunk_header.mChunkType, "data", 4)) { // on the data chunk, get size and exit loop
+ uint32_t mEditCount;
+
+- if (!DoReadFile (infile, &mEditCount, sizeof (mEditCount), &bcount) ||
++ if (!desc_chunk || !DoReadFile (infile, &mEditCount, sizeof (mEditCount), &bcount) ||
+ bcount != sizeof (mEditCount)) {
+ error_line ("%s is not a valid .CAF file!", infilename);
+ return WAVPACK_SOFT_ERROR;
+
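Review bot: Folding `!desc_chunk` into the existing read-failure condition in the `data` branch means a file with no `desc` chunk and a file with a truncated mEditCount are reported with the same message, which makes a rejected input harder to triage. A separate test ahead of the read would keep the two apart, for example `if (!desc_chunk) { error_line ("%s has no desc chunk before its data chunk!", infilename); return WAVPACK_SOFT_ERROR; }`. The flag is only ever set to 1 in the lines shown, so whether a repeated `desc` chunk is rejected cannot be told from these hunks. ParseCaffHeaderConfig starts and ends outside them.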
diff --git a/main/wavpack/CVE-2019-1010319.patch b/main/wavpack/CVE-2019-1010319.patch
new file mode 100644
index 0000000000..6a53ef8fbb
--- /dev/null
+++ b/main/wavpack/CVE-2019-1010319.patch
@@ -0,0 +1,23 @@
+From 33a0025d1d63ccd05d9dbaa6923d52b1446a62fe Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Tue, 5 Mar 2019 21:21:48 -0800
+Subject: [PATCH] issue #68: clear WaveHeader at start to prevent uninitialized
+ read
+
+---
+ cli/wave64.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/cli/wave64.c b/cli/wave64.c
+index 7beffe6..59548b1 100644
+--- a/cli/wave64.c
++++ b/cli/wave64.c
+@@ -56,6 +56,7 @@ int ParseWave64HeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+ int format_chunk = 0;
+ uint32_t bcount;
+
++ CLEAR (WaveHeader);
+ infilesize = DoGetFileSize (infile);
+ memcpy (&filehdr, fourcc, 4);
+
+
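Review bot: `CLEAR (WaveHeader);` makes any later read of the header deterministic, but zeroing alone does not reject a file whose data chunk arrives without a format chunk before it; the header fields would then simply be read as zeros. `format_chunk` is declared two lines above. If the data-chunk branch does not already test it, an `if (!format_chunk)` check with the usual soft-error return would mirror the `desc_chunk` test this commit adds to cli/caff.c. That branch is outside the hunk, so it may already exist. A short comment on the `CLEAR` line, such as `// header may never be filled if the file has no fmt chunk`, would also record why the clear is needed.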
diff --git a/main/wavpack/CVE-2019-11498.patch b/main/wavpack/CVE-2019-11498.patch
new file mode 100644
index 0000000000..c94aee1466
--- /dev/null
+++ b/main/wavpack/CVE-2019-11498.patch
@@ -0,0 +1,32 @@
+From bc6cba3f552c44565f7f1e66dc1580189addb2b4 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Tue, 5 Mar 2019 21:32:27 -0800
+Subject: [PATCH] issue #67: make sure sample rate is specified and non-zero in
+ DFF files
+
+---
+ cli/dsdiff.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/cli/dsdiff.c b/cli/dsdiff.c
+index f357181..193adee 100644
+--- a/cli/dsdiff.c
++++ b/cli/dsdiff.c
+@@ -181,7 +181,7 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+ if (!strncmp (prop_chunk, "SND ", 4)) {
+ char *cptr = prop_chunk + 4, *eptr = prop_chunk + dff_chunk_header.ckDataSize;
+ uint16_t numChannels = 0, chansSpecified, chanMask = 0;
+- uint32_t sampleRate;
++ uint32_t sampleRate = 0;
+
+ while (eptr - cptr >= sizeof (dff_chunk_header)) {
+ memcpy (&dff_chunk_header, cptr, sizeof (dff_chunk_header));
+@@ -280,7 +280,7 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
+ }
+ else if (!strncmp (dff_chunk_header.ckID, "DSD ", 4)) {
+
+- if (!config->num_channels) {
++ if (!config->num_channels || !config->sample_rate) {
+ error_line ("%s is not a valid .DFF file!", infilename);
+ return WAVPACK_SOFT_ERROR;
+ }