helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

sox: patch CVE-2017-15370

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15370

Pick the patch that was identified by Debian[1] as the solution.

[1]: https://security-tracker.debian.org/tracker/CVE-2017-15370

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This commit is contained in:
Gyorgy Sarvari 2026-01-26 14:04:58 +01:00 committed by Anuj Mittal
parent 745224d1ac
commit 93464e794d
No known key found for this signature in database
GPG Key ID: 4340AEFE69F5085C
2 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15370.patch Normal file
View File

@ -0,0 +1,29 @@
From cd7a008958d208345de04c7b6306c79a8a933f32 Mon Sep 17 00:00:00 2001
From: Mans Rullgard <mans@mansr.com>
Date: Sun, 5 Nov 2017 16:21:23 +0000
Subject: [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input
(CVE-2017-15370)
Add the same check bad block size as was done for MS adpcm in commit
f39c574b ("More checks for invalid MS ADPCM blocks").
CVE: CVE-2017-15370
Upstream-Status: Backport [https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
src/wav.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/wav.c b/src/wav.c
index eca1cde..fad334c 100644
--- a/src/wav.c
+++ b/src/wav.c
@@ -127,7 +127,7 @@ static unsigned short ImaAdpcmReadBlock(sox_format_t * ft)
/* work with partial blocks. Specs say it should be null */
/* padded but I guess this is better than trailing quiet. */
samplesThisBlock = lsx_ima_samples_in((size_t)0, (size_t)ft->signal.channels, bytesRead, (size_t) 0);
- if (samplesThisBlock == 0)
+ if (samplesThisBlock == 0 || samplesThisBlock > wav->samplesPerBlock)
{
lsx_warn("Premature EOF on .wav input file");
return 0;

1
meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
View File

@ -33,6 +33,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \
file://CVE-2017-11332.patch \
file://CVE-2017-11358.patch \
file://CVE-2017-11359.patch \
file://CVE-2017-15370.patch \
"
SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"