libsndfile/sndfile-ocloexec.patch

---
 src/file_io.c |    3 +++
 1 file changed, 3 insertions(+)

Index: libsndfile-1.1.0/src/file_io.c
===================================================================
--- libsndfile-1.1.0.orig/src/file_io.c
+++ libsndfile-1.1.0/src/file_io.c
@@ -598,6 +598,9 @@ psf_open_fd (PSF_FILE * pfile)
 				return - SFE_BAD_OPEN_MODE ;
 				break ;
 		} ;
+#ifdef O_CLOEXEC
+        oflag |= O_CLOEXEC;
+#endif
 
 	if (mode == 0)
 		fd = open (pfile->path, oflag) ;
Accepting request 345901 from home:tiwai:branches:multimedia:libs - Update to version 1.0.26: * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. * Add ALAC/CAF support. Minor bug fixes and improvements. - Update to version 1.0.26: * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. * Add ALAC/CAF support. Minor bug fixes and improvements. - Refreshed patches: sndfile-ocloexec.patch libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch - Removed obsoleted patches: libsndfile-example-fix.diff libsndfile-fix-header-read-CVE-2015-7805.patch libsndfile-paf-zero-division-fix.diff libsndfile-src-common.c-Fix-a-header-parsing-bug.patch libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch OBS-URL: https://build.opensuse.org/request/show/345901 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=50 2015-11-23 19:49:52 +01:00			`---`
			`src/file_io.c \| 3 +++`
			`1 file changed, 3 insertions(+)`

Accepting request 967827 from home:tiwai:branches:multimedia:libs - Fix build with libsndfile 1.1.0; add missing build reqs - update to 1.1.0: * Added MPEG Encode/Decode Support * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. Fixed: * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). * Stack overflow in guess_file_type() * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz * GCC and Clang pedantic warnings, thanks @bobsayshilol. * Normalisation issue when scaling floating point data to int in replace_read_f2i(), thanks @bobsayshilol, (issue #702). * Missing samples when doing a partial read of Ogg file from index till the end of file, thanks @arthurt (issue #643). * sndfile-salvage: Handle files > 4 GB on Windows OS * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz * Integer overflow in psf_log_printf(), credit to OSS-Fuzz * ABI version incompatibility between Autotools and CMake build on Apple platforms. * Heap buffer overflow in wavlike_ima_decode_block() * Heap buffer overflow in msadpcm_decode_block() * Heap buffer overflow in psf_binheader_readf() * Index out of bounds in psf_nms_adpcm_decode_block() * Heap buffer overflow in flac_buffer_copy() * Heap buffer overflow in copyPredictorTo24() * Uninitialized variable in psf_binheader_readf() - drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, libsndfile-CVE-2021-4156.patch (obsolete) OBS-URL: https://build.opensuse.org/request/show/967827 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=84 2022-04-08 15:14:05 +02:00			`Index: libsndfile-1.1.0/src/file_io.c`
			`===================================================================`
			`--- libsndfile-1.1.0.orig/src/file_io.c`
			`+++ libsndfile-1.1.0/src/file_io.c`
			`@@ -598,6 +598,9 @@ psf_open_fd (PSF_FILE * pfile)`
Accepting request 93380 from home:elvigia:branches:multimedia:libs - use O_CLOEXEC in library code. OBS-URL: https://build.opensuse.org/request/show/93380 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=33 2011-11-24 08:26:14 +01:00			`return - SFE_BAD_OPEN_MODE ;`
			`break ;`
			`} ;`
			`+#ifdef O_CLOEXEC`
			`+ oflag \|= O_CLOEXEC;`
			`+#endif`

			`if (mode == 0)`
Accepting request 967827 from home:tiwai:branches:multimedia:libs - Fix build with libsndfile 1.1.0; add missing build reqs - update to 1.1.0: * Added MPEG Encode/Decode Support * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. Fixed: * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). * Stack overflow in guess_file_type() * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz * GCC and Clang pedantic warnings, thanks @bobsayshilol. * Normalisation issue when scaling floating point data to int in replace_read_f2i(), thanks @bobsayshilol, (issue #702). * Missing samples when doing a partial read of Ogg file from index till the end of file, thanks @arthurt (issue #643). * sndfile-salvage: Handle files > 4 GB on Windows OS * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz * Integer overflow in psf_log_printf(), credit to OSS-Fuzz * ABI version incompatibility between Autotools and CMake build on Apple platforms. * Heap buffer overflow in wavlike_ima_decode_block() * Heap buffer overflow in msadpcm_decode_block() * Heap buffer overflow in psf_binheader_readf() * Index out of bounds in psf_nms_adpcm_decode_block() * Heap buffer overflow in flac_buffer_copy() * Heap buffer overflow in copyPredictorTo24() * Uninitialized variable in psf_binheader_readf() - drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, libsndfile-CVE-2021-4156.patch (obsolete) OBS-URL: https://build.opensuse.org/request/show/967827 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=84 2022-04-08 15:14:05 +02:00			`fd = open (pfile->path, oflag) ;`