mirror of https://git.yoctoproject.org/poky synced 2026-04-30 21:32:13 +02:00
Added missing commits for complete CVE fix

Ref: https://github.com/libsndfile/libsndfile/issues/833
https://ubuntu.com/security/CVE-2022-33065

(From OE-Core rev: fc34dde58e8be19d703479c8e025e27294cdb579)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
35 lines
1.3 KiB
Diff
From 839fa9131820d689b2038c81531b618b2932fbe3 Mon Sep 17 00:00:00 2001
From: Alex Stewart <alex.stewart@ni.com>
Date: Wed, 11 Oct 2023 16:46:29 -0400
Subject: [PATCH 07/17] avr: fix int overflow in avr_read_header()

Pre-cast hdr.frames to sf_count_t, to provide the calculation with
enough numeric space to avoid an int-overflow.

CVE: CVE-2022-33065
Fixes: https://github.com/libsndfile/libsndfile/issues/833

Signed-off-by: Alex Stewart <alex.stewart@ni.com>

Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/libsndfile/tree/debian/patches/CVE-2022-33065/CVE-2022-33065-3.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/libsndfile/libsndfile/commit/839fa9131820d689b2038c81531b618b2932fbe3]
CVE: CVE-2022-33065
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
src/avr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/avr.c b/src/avr.c
index 6c78ff69b..1bc1ffc90 100644
--- a/src/avr.c
+++ b/src/avr.c
@@ -162,7 +162,7 @@ avr_read_header (SF_PRIVATE *psf)
psf->endian = SF_ENDIAN_BIG ;
psf->dataoffset = AVR_HDR_SIZE ;
- psf->datalength = hdr.frames * (hdr.rez / 8) ;
+ psf->datalength = (sf_count_t) hdr.frames * (hdr.rez / 8) ;
if (psf->fileoffset > 0)
psf->filelength = AVR_HDR_SIZE + psf->datalength ;
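Review bot: On the changed line `psf->datalength = (sf_count_t) hdr.frames * (hdr.rez / 8) ;` the cast widens the multiplication, but the product still comes straight from header fields with no bounds check visible in this hunk, and the trailing context then derives `psf->filelength` from it when `psf->fileoffset > 0`. Suggest validating the computed length against the actual file size before it is stored (and rejecting a negative result if `hdr.frames` is a signed type), so an oversized header value is refused rather than only computed without wrapping. A short comment on the cast saying it exists to prevent the int overflow would also keep a later cleanup from removing it as redundant.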