main/libvorbis: fix for CVE-2017-14160

upstream issue: https://gitlab.xiph.org/xiph/vorbis/issues/2330 fixes #7937
author: Natanael Copa <ncopa@alpinelinux.org> 2017-11-23 09:35:21 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2017-11-23 09:35:21 +0000
commit: 24168e0dc14497566f17471bee3a02945832af40 (patch)
tree: 6830df78a083ee2acf081c6ffd9c11694c4f5e5f
parent: c3ffef0e8fdbf281e019ab997b2323426d235e1c (diff)
download: alpine_aports-24168e0dc14497566f17471bee3a02945832af40.tar.bz2
alpine_aports-24168e0dc14497566f17471bee3a02945832af40.tar.xz
alpine_aports-24168e0dc14497566f17471bee3a02945832af40.zip
2 files changed, 68 insertions, 3 deletions
diff --git a/main/libvorbis/APKBUILD b/main/libvorbis/APKBUILD
index 01794075a7..46528ec484 100644
--- a/main/libvorbis/APKBUILD
+++ b/main/libvorbis/APKBUILD
@@ -1,16 +1,22 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libvorbis
 pkgver=1.3.5
-pkgrel=2
+pkgrel=3
 pkgdesc="Vorbis codec library"
 url="https://xiph.org/vorbis/"
 arch="all"
 license="custom"
 subpackages="$pkgname-dev $pkgname-doc"
 makedepends="libogg-dev"
-source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz"
+source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz
+        CVE-2017-14160.patch
+        "
 builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+#   1.3.5-r3:
+#   - CVE-2017-14160
 build() {
        cd "$builddir"
@@ -28,4 +34,5 @@ package() {
        install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
 }
-sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c  libvorbis-1.3.5.tar.gz"
+sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c  libvorbis-1.3.5.tar.gz
+4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e  CVE-2017-14160.patch"
diff --git a/main/libvorbis/CVE-2017-14160.patch b/main/libvorbis/CVE-2017-14160.patch
new file mode 100644
index 0000000000..9ad9d18f75
--- /dev/null
+++ b/main/libvorbis/CVE-2017-14160.patch
@@ -0,0 +1,58 @@
+From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001
+Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx@sigxcpu.org>
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
+Date: Wed, 15 Nov 2017 13:12:00 +0100
+Subject: [PATCH] CVE-2017-14160: make sure we don't overflow
+---
+ lib/psy.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+diff --git a/lib/psy.c b/lib/psy.c
+index 422c6f1e..8bbf6cf3 100644
+--- a/lib/psy.c
+++ b/lib/psy.c
+@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+     XY[i] = tXY;
+   }
+ 
+-  for (i = 0, x = 0.f;; i++, x += 1.f) {
+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
+ 
+     lo = b[i] >> 16;
+     if( lo>=0 ) break;
+@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b,
+     noise[i] = R - offset;
+   }
+ 
+-  for ( ;; i++, x += 1.f) {
+  for ( ; i < n; i++, x += 1.f) {
+ 
+     lo = b[i] >> 16;
+     hi = b[i] & 0xffff;
+     if(hi>=n)break;
+-
+     tN = N[hi] - N[lo];
+     tX = X[hi] - X[lo];
+     tXX = XX[hi] - XX[lo];
+@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+ 
+   if (fixed <= 0) return;
+ 
+-  for (i = 0, x = 0.f;; i++, x += 1.f) {
+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
+     hi = i + fixed / 2;
+     lo = hi - fixed;
+     if(lo>=0)break;
+@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b,
+ 
+     if (R - offset < noise[i]) noise[i] = R - offset;
+   }
+-  for ( ;; i++, x += 1.f) {
+  for ( ; i < n; i++, x += 1.f) {
+ 
+     hi = i + fixed / 2;
+     lo = hi - fixed;
+-- 
+2.15.0
author	Natanael Copa <ncopa@alpinelinux.org>	2017-11-23 09:35:21 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2017-11-23 09:35:21 +0000
commit	24168e0dc14497566f17471bee3a02945832af40 (patch)
tree	6830df78a083ee2acf081c6ffd9c11694c4f5e5f
parent	c3ffef0e8fdbf281e019ab997b2323426d235e1c (diff)
download	alpine_aports-24168e0dc14497566f17471bee3a02945832af40.tar.bz2 alpine_aports-24168e0dc14497566f17471bee3a02945832af40.tar.xz alpine_aports-24168e0dc14497566f17471bee3a02945832af40.zip

diff --git a/main/libvorbis/APKBUILD b/main/libvorbis/APKBUILD index 01794075a7..46528ec484 100644 --- a/main/libvorbis/APKBUILD +++ b/main/libvorbis/APKBUILD
@@ -1,16 +1,22 @@
1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>	1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2	pkgname=libvorbis	2	pkgname=libvorbis
3	pkgver=1.3.5	3	pkgver=1.3.5
4	pkgrel=2	4	pkgrel=3
5	pkgdesc="Vorbis codec library"	5	pkgdesc="Vorbis codec library"
6	url="https://xiph.org/vorbis/"	6	url="https://xiph.org/vorbis/"
7	arch="all"	7	arch="all"
8	license="custom"	8	license="custom"
9	subpackages="$pkgname-dev $pkgname-doc"	9	subpackages="$pkgname-dev $pkgname-doc"
10	makedepends="libogg-dev"	10	makedepends="libogg-dev"
11	source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz"	11	source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz
		12	CVE-2017-14160.patch
		13	"
12	builddir="$srcdir/$pkgname-$pkgver"	14	builddir="$srcdir/$pkgname-$pkgver"
13		15
		16	# secfixes:
		17	# 1.3.5-r3:
		18	# - CVE-2017-14160
		19
14	build() {	20	build() {
15	cd "$builddir"	21	cd "$builddir"
16		22
@@ -28,4 +34,5 @@ package() {
28	install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING	34	install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
29	}	35	}
30		36
31	sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz"	37	sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz
		38	4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch"


diff --git a/main/libvorbis/CVE-2017-14160.patch b/main/libvorbis/CVE-2017-14160.patch new file mode 100644 index 0000000000..9ad9d18f75 --- /dev/null +++ b/main/libvorbis/CVE-2017-14160.patch
@@ -0,0 +1,58 @@
		1	From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001
		2	Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx@sigxcpu.org>
		3	From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
		4	Date: Wed, 15 Nov 2017 13:12:00 +0100
		5	Subject: [PATCH] CVE-2017-14160: make sure we don't overflow
		6
		7	---
		8	lib/psy.c \| 9 ++++-----
		9	1 file changed, 4 insertions(+), 5 deletions(-)
		10
		11	diff --git a/lib/psy.c b/lib/psy.c
		12	index 422c6f1e..8bbf6cf3 100644
		13	--- a/lib/psy.c
		14	+++ b/lib/psy.c
		15	@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b,
		16	XY[i] = tXY;
		17	}
		18
		19	- for (i = 0, x = 0.f;; i++, x += 1.f) {
		20	+ for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
		21
		22	lo = b[i] >> 16;
		23	if( lo>=0 ) break;
		24	@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b,
		25	noise[i] = R - offset;
		26	}
		27
		28	- for ( ;; i++, x += 1.f) {
		29	+ for ( ; i < n; i++, x += 1.f) {
		30
		31	lo = b[i] >> 16;
		32	hi = b[i] & 0xffff;
		33	if(hi>=n)break;
		34	-
		35	tN = N[hi] - N[lo];
		36	tX = X[hi] - X[lo];
		37	tXX = XX[hi] - XX[lo];
		38	@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b,
		39
		40	if (fixed <= 0) return;
		41
		42	- for (i = 0, x = 0.f;; i++, x += 1.f) {
		43	+ for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
		44	hi = i + fixed / 2;
		45	lo = hi - fixed;
		46	if(lo>=0)break;
		47	@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b,
		48
		49	if (R - offset < noise[i]) noise[i] = R - offset;
		50	}
		51	- for ( ;; i++, x += 1.f) {
		52	+ for ( ; i < n; i++, x += 1.f) {
		53
		54	hi = i + fixed / 2;
		55	lo = hi - fixed;
		56	--
		57	2.15.0
		58