pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/audio/libsndfile



Module Name:    pkgsrc
Committed By:   he
Date:           Wed May 17 21:51:46 UTC 2017

Modified Files:
        pkgsrc/audio/libsndfile: Makefile distinfo
Added Files:
        pkgsrc/audio/libsndfile/patches: patch-src_common.h patch-src_flac.c
            patch-src_sndfile.c

Log Message:
Fix for CVE-2017-8365, ref.
https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/audio/libsndfile/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/audio/libsndfile/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/audio/libsndfile/patches/patch-src_common.h \
    pkgsrc/audio/libsndfile/patches/patch-src_flac.c \
    pkgsrc/audio/libsndfile/patches/patch-src_sndfile.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/audio/libsndfile/Makefile
diff -u pkgsrc/audio/libsndfile/Makefile:1.73 pkgsrc/audio/libsndfile/Makefile:1.74
--- pkgsrc/audio/libsndfile/Makefile:1.73       Wed Apr 26 22:35:01 2017
+++ pkgsrc/audio/libsndfile/Makefile    Wed May 17 21:51:46 2017
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.73 2017/04/26 22:35:01 maya Exp $
+# $NetBSD: Makefile,v 1.74 2017/05/17 21:51:46 he Exp $
 
 DISTNAME=      libsndfile-1.0.28
+PKGREVISION=   1
 CATEGORIES=    audio
 MASTER_SITES=  http://www.mega-nerd.com/libsndfile/files/
 

Index: pkgsrc/audio/libsndfile/distinfo
diff -u pkgsrc/audio/libsndfile/distinfo:1.40 pkgsrc/audio/libsndfile/distinfo:1.41
--- pkgsrc/audio/libsndfile/distinfo:1.40       Wed Apr 19 13:32:12 2017
+++ pkgsrc/audio/libsndfile/distinfo    Wed May 17 21:51:46 2017
@@ -1,6 +1,9 @@
-$NetBSD: distinfo,v 1.40 2017/04/19 13:32:12 wiz Exp $
+$NetBSD: distinfo,v 1.41 2017/05/17 21:51:46 he Exp $
 
 SHA1 (libsndfile-1.0.28.tar.gz) = 85aa967e19f6b9bf975601d79669025e5f8bc77d
 RMD160 (libsndfile-1.0.28.tar.gz) = f8803966802afe2b5a35cda28c2f764d91c48f37
 SHA512 (libsndfile-1.0.28.tar.gz) = 890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df26fcf85602df2e7f65502c7256c1b41735e1122485a3a07ddb580aa83b57f
 Size (libsndfile-1.0.28.tar.gz) = 1202833 bytes
+SHA1 (patch-src_common.h) = ed366417009008f816d688cd33809f680cf2f674
+SHA1 (patch-src_flac.c) = d31a3532ed71a2a490c14b5cd90928089d2ab093
+SHA1 (patch-src_sndfile.c) = 34b27502839b8ef271ced8ba562b7281c68ff4da

Added files:

Index: pkgsrc/audio/libsndfile/patches/patch-src_common.h
diff -u /dev/null pkgsrc/audio/libsndfile/patches/patch-src_common.h:1.1
--- /dev/null   Wed May 17 21:51:46 2017
+++ pkgsrc/audio/libsndfile/patches/patch-src_common.h  Wed May 17 21:51:46 2017
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_common.h,v 1.1 2017/05/17 21:51:46 he Exp $
+
+Fix for CVE-2017-8365, ref.
+https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
+
+--- src/common.h.orig  2017-04-01 09:40:45.000000000 +0000
++++ src/common.h
+@@ -725,6 +725,7 @@ enum
+       SFE_FLAC_INIT_DECODER,
+       SFE_FLAC_LOST_SYNC,
+       SFE_FLAC_BAD_SAMPLE_RATE,
++      SFE_FLAC_CHANNEL_COUNT_CHANGED,
+       SFE_FLAC_UNKOWN_ERROR,
+ 
+       SFE_WVE_NOT_WVE,
Index: pkgsrc/audio/libsndfile/patches/patch-src_flac.c
diff -u /dev/null pkgsrc/audio/libsndfile/patches/patch-src_flac.c:1.1
--- /dev/null   Wed May 17 21:51:46 2017
+++ pkgsrc/audio/libsndfile/patches/patch-src_flac.c    Wed May 17 21:51:46 2017
@@ -0,0 +1,27 @@
+$NetBSD: patch-src_flac.c,v 1.1 2017/05/17 21:51:46 he Exp $
+
+Fix for CVE-2017-8365, ref.
+https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
+
+--- src/flac.c.orig    2017-04-02 08:13:30.000000000 +0000
++++ src/flac.c
+@@ -435,6 +435,19 @@ sf_flac_meta_callback (const FLAC__Strea
+ 
+       switch (metadata->type)
+       {       case FLAC__METADATA_TYPE_STREAMINFO :
++                      if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
++                      {       psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
++                                                  "Nothing to be but to error out.\n" ,
++                                                  psf->sf.channels, metadata->data.stream_info.channels) ;
++                              psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
++                              return ;
++                              } ;
++
++                      if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate)
++                      {       psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n"
++                                                  "Carrying on as if nothing happened.",
++                                                  psf->sf.samplerate, metadata->data.stream_info.sample_rate) ;
++                              } ;
+                       psf->sf.channels = metadata->data.stream_info.channels ;
+                       psf->sf.samplerate = metadata->data.stream_info.sample_rate ;
+                       psf->sf.frames = metadata->data.stream_info.total_samples ;
Index: pkgsrc/audio/libsndfile/patches/patch-src_sndfile.c
diff -u /dev/null pkgsrc/audio/libsndfile/patches/patch-src_sndfile.c:1.1
--- /dev/null   Wed May 17 21:51:46 2017
+++ pkgsrc/audio/libsndfile/patches/patch-src_sndfile.c Wed May 17 21:51:46 2017
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_sndfile.c,v 1.1 2017/05/17 21:51:46 he Exp $
+
+Fix for CVE-2017-8365, ref.
+https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3
+
+--- src/sndfile.c.orig 2017-04-02 06:33:16.000000000 +0000
++++ src/sndfile.c
+@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] =
+       {       SFE_FLAC_INIT_DECODER   , "Error : problem with initialization of the flac decoder." },
+       {       SFE_FLAC_LOST_SYNC              , "Error : flac decoder lost sync." },
+       {       SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." },
++      {       SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." },
+       {       SFE_FLAC_UNKOWN_ERROR   , "Error : unknown error in flac decoder." },
+ 
+       {       SFE_WVE_NOT_WVE                 , "Error : not a WVE file." },



Home | Main Index | Thread Index | Old Index