diff options
| author | drochner <drochner@pkgsrc.org> | 2008-05-14 16:36:18 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2008-05-14 16:36:18 +0000 |
| commit | ef8ece7326a1db2ab594a18a69da507605d29c71 (patch) | |
| tree | e89f03324c91c15ad7f346e83d1ab08a7fced380 /audio/libvorbis | |
| parent | 89afcb507d8241e947f44a9d5cc29afcf2aad06a (diff) | |
| download | pkgsrc-ef8ece7326a1db2ab594a18a69da507605d29c71.tar.gz | |
pull some patches from upstream CVS to fix integer overflows /
buffer overflows (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423),
bump PKGREVISION
Diffstat (limited to 'audio/libvorbis')
| -rw-r--r-- | audio/libvorbis/Makefile | 3 | ||||
| -rw-r--r-- | audio/libvorbis/distinfo | 4 | ||||
| -rw-r--r-- | audio/libvorbis/patches/patch-aa | 34 | ||||
| -rw-r--r-- | audio/libvorbis/patches/patch-ab | 22 |
4 files changed, 61 insertions, 2 deletions
diff --git a/audio/libvorbis/Makefile b/audio/libvorbis/Makefile index 44fe0536ba1..890e1713997 100644 --- a/audio/libvorbis/Makefile +++ b/audio/libvorbis/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.46 2007/07/28 07:58:48 wiz Exp $ +# $NetBSD: Makefile,v 1.47 2008/05/14 16:36:18 drochner Exp $ DISTNAME= libvorbis-1.2.0 +PKGREVISION= 1 CATEGORIES= devel audio MASTER_SITES= http://downloads.xiph.org/releases/vorbis/ diff --git a/audio/libvorbis/distinfo b/audio/libvorbis/distinfo index 75650020361..e4388de3f91 100644 --- a/audio/libvorbis/distinfo +++ b/audio/libvorbis/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.14 2007/07/28 07:58:48 wiz Exp $ +$NetBSD: distinfo,v 1.15 2008/05/14 16:36:18 drochner Exp $ SHA1 (libvorbis-1.2.0.tar.gz) = 6ff5f9d9d71cc385ee180171cc21af5653b76a16 RMD160 (libvorbis-1.2.0.tar.gz) = 54bf2b48943e283f003cd5dfb4bf9e519b6a817d Size (libvorbis-1.2.0.tar.gz) = 1494373 bytes +SHA1 (patch-aa) = 8d6d491a75531eb0527da6218eeb123692ae747e +SHA1 (patch-ab) = 07c6ef26df0adf1abce4b96a6aff512ed1d6597a diff --git a/audio/libvorbis/patches/patch-aa b/audio/libvorbis/patches/patch-aa new file mode 100644 index 00000000000..68a94ca9833 --- /dev/null +++ b/audio/libvorbis/patches/patch-aa @@ -0,0 +1,34 @@ +$NetBSD: patch-aa,v 1.3 2008/05/14 16:36:18 drochner Exp $ + +--- ./lib/res0.c.orig 2007-07-24 02:09:47.000000000 +0200 ++++ ./lib/res0.c +@@ -223,6 +223,20 @@ vorbis_info_residue *res0_unpack(vorbis_ + for(j=0;j<acc;j++) + if(info->booklist[j]>=ci->books)goto errout; + ++ /* verify the phrasebook is not specifying an impossible or
++ inconsistent partitioning scheme. */
++ {
++ int entries = ci->book_param[info->groupbook]->entries;
++ int dim = ci->book_param[info->groupbook]->dim;
++ int partvals = 1;
++ while(dim>0){
++ partvals *= info->partitions;
++ if(partvals > entries) goto errout;
++ dim--;
++ }
++ if(partvals != entries) goto errout;
++ }
++
+ return(info); + errout: + res0_free_info(info); +@@ -263,7 +277,7 @@ vorbis_look_residue *res0_look(vorbis_ds + } + } + +- look->partvals=rint(pow((float)look->parts,(float)dim)); ++ look->partvals=look->phrasebook->entries; + look->stages=maxstage; + look->decodemap=_ogg_malloc(look->partvals*sizeof(*look->decodemap)); + for(j=0;j<look->partvals;j++){ diff --git a/audio/libvorbis/patches/patch-ab b/audio/libvorbis/patches/patch-ab new file mode 100644 index 00000000000..43a4f0c7eb4 --- /dev/null +++ b/audio/libvorbis/patches/patch-ab @@ -0,0 +1,22 @@ +$NetBSD: patch-ab,v 1.3 2008/05/14 16:36:18 drochner Exp $ + +--- ./lib/codebook.c.orig 2008-05-14 18:17:20.000000000 +0200 ++++ ./lib/codebook.c +@@ -159,6 +159,8 @@ int vorbis_staticbook_unpack(oggpack_buf + s->entries=oggpack_read(opb,24); + if(s->entries==-1)goto _eofout; + ++ if(_ilog(s->dim)+_ilog(s->entries)>24)goto _eofout; ++ + /* codeword ordering.... length ordered or unordered? */ + switch((int)oggpack_read(opb,1)){ + case 0: +@@ -225,7 +227,7 @@ int vorbis_staticbook_unpack(oggpack_buf + int quantvals=0; + switch(s->maptype){ + case 1: +- quantvals=_book_maptype1_quantvals(s); ++ quantvals=(s->dim==0?0:_book_maptype1_quantvals(s)); + break; + case 2: + quantvals=s->entries*s->dim; |