aboutsummaryrefslogtreecommitdiffstats
path: root/community/sox/CVE-2019-8355.patch
diff options
context:
space:
mode:
Diffstat (limited to 'community/sox/CVE-2019-8355.patch')
-rw-r--r--community/sox/CVE-2019-8355.patch45
1 files changed, 45 insertions, 0 deletions
diff --git a/community/sox/CVE-2019-8355.patch b/community/sox/CVE-2019-8355.patch
new file mode 100644
index 0000000000..0936b38d51
--- /dev/null
+++ b/community/sox/CVE-2019-8355.patch
@@ -0,0 +1,45 @@
+diff --git a/src/Makefile.am b/src/Makefile.am
+index 4e50abb..c76c812 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -95,7 +95,7 @@ libsox_la_LIBADD += @GOMP_LIBS@
+
+ libsox_la_CFLAGS = @WARN_CFLAGS@
+ libsox_la_LDFLAGS = @APP_LDFLAGS@ -version-info @SHLIB_VERSION@ \
+- -export-symbols-regex '^(sox_.*|lsx_(error|flush|check_read_params|(close|open)_dllibrary|(debug(_more|_most)?|fail|report|warn)_impl|eof|fail_errno|filelength|find_(enum_(text|value)|file_extension)|getopt(_init)?|lpc10_(create_(de|en)coder_state|(de|en)code)|raw(read|write)|read(_b_buf|buf|chars)|realloc|rewind|seeki|sigfigs3p?|strcasecmp|tell|unreadb|write(b|_b_buf|buf|s)))$$'
++ -export-symbols-regex '^(sox_.*|lsx_(([cm]|re)alloc.*|check_read_params|(close|open)_dllibrary|(debug(_more|_most)?|fail|report|warn)_impl|eof|error|fail_errno|filelength|find_(enum_(text|value)|file_extension)|flush|getopt(_init)?|lpc10_(create_(de|en)coder_state|(de|en)code)|raw(read|write)|read(_b_buf|buf|chars)|rewind|seeki|sigfigs3p?|strcasecmp|strdup|tell|unreadb|write(b|_b_buf|buf|s)))$$'
+
+ if HAVE_WIN32_LTDL
+ libsox_la_SOURCES += win32-ltdl.c win32-ltdl.h
+diff --git a/src/xmalloc.c b/src/xmalloc.c
+index 9bf1596..5ca7cdd 100644
+--- a/src/xmalloc.c
++++ b/src/xmalloc.c
+@@ -41,3 +41,13 @@ void *lsx_realloc(void *ptr, size_t newsize)
+
+ return ptr;
+ }
++
++void *lsx_realloc_array(void *p, size_t n, size_t size)
++{
++ if (n > (size_t)-1 / size) {
++ lsx_fail("malloc size overflow");
++ exit(2);
++ }
++
++ return lsx_realloc(p, n * size);
++}
+diff --git a/src/xmalloc.h b/src/xmalloc.h
+index 9ee77f6..d708a90 100644
+--- a/src/xmalloc.h
++++ b/src/xmalloc.h
+@@ -28,7 +28,7 @@
+ #define lsx_Calloc(v,n) v = lsx_calloc(n,sizeof(*(v)))
+ #define lsx_strdup(p) ((p)? strcpy((char *)lsx_malloc(strlen(p) + 1), p) : NULL)
+ #define lsx_memdup(p,s) ((p)? memcpy(lsx_malloc(s), p, s) : NULL)
+-#define lsx_valloc(v,n) v = lsx_malloc((n)*sizeof(*(v)))
+-#define lsx_revalloc(v,n) v = lsx_realloc(v, (n)*sizeof(*(v)))
++#define lsx_valloc(v,n) v = lsx_realloc_array(NULL, n, sizeof(*(v)))
++#define lsx_revalloc(v,n) v = lsx_realloc_array(v, n, sizeof(*(v)))
+
+ #endif