pool/audiofile
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

base: pool:leap-16.0
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1
..
compare: pool:factory
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1

4 Commits
leap-16.0 ... factory

Author SHA256 Message Date
Ana Guerrero
7fd07c061e Accepting request 1277567 from multimedia:libs 
OBS-URL: https://build.opensuse.org/request/show/1277567
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audiofile?expand=0&rev=43
 2025-05-23 12:29:14 +00:00
Takashi Iwai
909a65b778 - Add audiofile-CVE-2019-13147.patch: Do not allow too many channel 
to prevent NULL pointer dereference (bsc#1140031).

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/audiofile?expand=0&rev=51
 2025-05-15 06:40:29 +00:00
Dominique Leuenberger
c4aaea9dce Accepting request 1273942 from multimedia:libs 
OBS-URL: https://build.opensuse.org/request/show/1273942
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/audiofile?expand=0&rev=42
 2025-05-03 18:58:05 +00:00
Takashi Iwai
c5b61a997e - Add audiofile-CVE-2022-24599.patch: Clear buffer when allocating 
(bsc#1196487).

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/audiofile?expand=0&rev=49
 2025-05-02 07:59:26 +00:00
4 changed files with 84 additions and 1 deletions
Expand all files Collapse all files

24
audiofile-CVE-2019-13147.patch Normal file
View File

@@ -0,0 +1,24 @@
diff --unified --recursive --text --new-file --color audiofile-0.3.6/libaudiofile/NeXT.cpp audiofile-0.3.6.new/libaudiofile/NeXT.cpp
--- audiofile-0.3.6/libaudiofile/NeXT.cpp 2013-03-06 13:30:03.000000000 +0800
+++ audiofile-0.3.6.new/libaudiofile/NeXT.cpp 2025-05-14 10:45:11.685700984 +0800
@@ -32,6 +32,7 @@
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
+#include <limits.h>
#include "File.h"
#include "Setup.h"
@@ -122,6 +123,12 @@
_af_error(AF_BAD_CHANNELS, "invalid file with 0 channels");
return AF_FAIL;
}
+ /* avoid overflow of INT for double size rate */
+ if (channelCount > (INT32_MAX / (sizeof(double))))
+ {
+ _af_error(AF_BAD_CHANNELS, "invalid file with %i channels", channelCount);
+ return AF_FAIL;
+ }
Track *track = allocateTrack();
if (!track)

43
audiofile-CVE-2022-24599.patch Normal file
View File

@@ -0,0 +1,43 @@
diff --unified --recursive --text --new-file --color audiofile-0.3.6.old/sfcommands/printinfo.c audiofile-0.3.6.new/sfcommands/printinfo.c
--- audiofile-0.3.6.old/sfcommands/printinfo.c 2013-03-06 13:30:03.000000000 +0800
+++ audiofile-0.3.6.new/sfcommands/printinfo.c 2025-04-30 15:18:24.778177640 +0800
@@ -37,6 +37,7 @@
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
+#include <limits.h>
static char *copyrightstring (AFfilehandle file);
@@ -147,7 +148,11 @@
int i, misccount;
misccount = afGetMiscIDs(file, NULL);
- miscids = (int *) malloc(sizeof (int) * misccount);
+ if (!misccount)
+ return NULL;
+ miscids = (int *)calloc(misccount, sizeof(int));
+ if (!miscids)
+ return NULL;
afGetMiscIDs(file, miscids);
for (i=0; i<misccount; i++)
@@ -159,13 +164,16 @@
If this code executes, the miscellaneous chunk is a
copyright chunk.
*/
- int datasize = afGetMiscSize(file, miscids[i]);
- char *data = (char *) malloc(datasize);
+ size_t datasize = afGetMiscSize(file, miscids[i]);
+ if (datasize >= INT_MAX - 1)
+ goto error;
+ char *data = (char *)calloc(datasize + 1, sizeof(char));
afReadMisc(file, miscids[i], data, datasize);
copyright = data;
break;
}
+error:
free(miscids);
return copyright;

12
audiofile.changes
View File

@@ -1,3 +1,15 @@
-------------------------------------------------------------------
Wed May 14 02:41:16 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
- Add audiofile-CVE-2019-13147.patch: Do not allow too many channel
to prevent NULL pointer dereference (bsc#1140031).
-------------------------------------------------------------------
Wed Apr 30 06:51:00 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
- Add audiofile-CVE-2022-24599.patch: Clear buffer when allocating
(bsc#1196487).
-------------------------------------------------------------------
Tue Mar 12 16:27:36 UTC 2024 - Takashi Iwai <tiwai@suse.com>

6
audiofile.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package audiofile
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -47,6 +47,10 @@ Patch8: 0006-Check-for-division-by-zero-in-BlockCodec-runPull.patch
Patch9: 0007-set-the-output-chunk-to-the-amount-of-frames.patch
# PATCH-FIX-OPENSUSE bsc#1221308 -- correction to audiofile-CVE-2015-7747.patch
Patch10: createTemporaryFile-argument-fix.patch
# PATCH-FIX-UPSTREAM audiofile-CVE-2022-24599.patch bsc#1196487 alynx.zhou@suse.com -- Clear buffer when allocating https://github.com/mpruett/audiofile/issues/60#issuecomment-1806866667
Patch11: audiofile-CVE-2022-24599.patch
# PATCH-FIX-UPSTREAM audiofile-CVE-2019-13147.patch bsc#1140031 alynx.zhou@suse.com -- Prevent too many channel https://github.com/mpruett/audiofile/issues/54#issuecomment-1806876076
Patch12: audiofile-CVE-2019-13147.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: gcc-c++