forked from pool/aubio
Accepting request 590732 from multimedia:libs
OBS-URL: https://build.opensuse.org/request/show/590732 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/aubio?expand=0&rev=22
This commit is contained in:
commit
61c47f432f
39
aubio-wavread-input-validation.patch
Normal file
39
aubio-wavread-input-validation.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
From 25ecb7338cebc5b8c79092347839c78349ec33f1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paul Brossier <piem@piem.org>
|
||||||
|
Date: Tue, 6 Feb 2018 22:32:59 +0100
|
||||||
|
Subject: [PATCH] src/io/source_wavread.c: add some input validation (closes:
|
||||||
|
#158)
|
||||||
|
|
||||||
|
---
|
||||||
|
src/io/source_wavread.c | 20 ++++++++++++++++++++
|
||||||
|
1 file changed, 20 insertions(+)
|
||||||
|
|
||||||
|
--- a/src/io/source_wavread.c
|
||||||
|
+++ b/src/io/source_wavread.c
|
||||||
|
@@ -189,6 +189,26 @@ aubio_source_wavread_t * new_aubio_sourc
|
||||||
|
// BitsPerSample
|
||||||
|
bytes_read += fread(buf, 1, 2, s->fid);
|
||||||
|
bitspersample = read_little_endian(buf, 2);
|
||||||
|
+
|
||||||
|
+ if ( channels == 0 ) {
|
||||||
|
+ AUBIO_ERR("source_wavread: Failed opening %s (number of channels can not be 0)\n", s->path);
|
||||||
|
+ goto beach;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ( sr == 0 ) {
|
||||||
|
+ AUBIO_ERR("source_wavread: Failed opening %s (samplerate can not be 0)\n", s->path);
|
||||||
|
+ goto beach;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ( byterate == 0 ) {
|
||||||
|
+ AUBIO_ERR("source_wavread: Failed opening %s (byterate can not be 0)\n", s->path);
|
||||||
|
+ goto beach;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if ( bitspersample == 0 ) {
|
||||||
|
+ AUBIO_ERR("source_wavread: Failed opening %s (bitspersample can not be 0)\n", s->path);
|
||||||
|
+ goto beach;
|
||||||
|
+ }
|
||||||
|
#if 0
|
||||||
|
if ( bitspersample != 16 ) {
|
||||||
|
AUBIO_ERR("source_wavread: can not process %dbit file %s\n",
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Mar 23 16:41:03 CET 2018 - tiwai@suse.de
|
||||||
|
|
||||||
|
- Fix divide-by-zero at wavread (CVE-2017-17054, bsc#1070399):
|
||||||
|
aubio-wavread-input-validation.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Jan 1 17:38:57 UTC 2018 - coolo@suse.com
|
Mon Jan 1 17:38:57 UTC 2018 - coolo@suse.com
|
||||||
|
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
Name: aubio
|
Name: aubio
|
||||||
%define libpkgname libaubio5
|
%define libpkgname libaubio5
|
||||||
Summary: Library for real-time audio labelling
|
Summary: Library for real-time audio labelling
|
||||||
License: GPL-3.0+
|
License: GPL-3.0-or-later
|
||||||
Group: Development/Libraries/C and C++
|
Group: Development/Libraries/C and C++
|
||||||
BuildRequires: alsa-devel
|
BuildRequires: alsa-devel
|
||||||
BuildRequires: doxygen
|
BuildRequires: doxygen
|
||||||
@ -41,6 +41,7 @@ Release: 0
|
|||||||
Source: http://aubio.org/pub/%{name}-%{version}.tar.bz2
|
Source: http://aubio.org/pub/%{name}-%{version}.tar.bz2
|
||||||
Source1: http://aubio.org/pub/%{name}-%{version}.tar.bz2.asc
|
Source1: http://aubio.org/pub/%{name}-%{version}.tar.bz2.asc
|
||||||
Source99: baselibs.conf
|
Source99: baselibs.conf
|
||||||
|
Patch1: aubio-wavread-input-validation.patch
|
||||||
Url: http://aubio.org
|
Url: http://aubio.org
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
%define debug_package_requires %{libpkgname} = %{version}-%{release}
|
%define debug_package_requires %{libpkgname} = %{version}-%{release}
|
||||||
@ -82,6 +83,7 @@ This package includes the example programs for aubio library.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch1 -p1
|
||||||
sed -e "s,/lib,/%_lib," src/wscript_build > src/wscript_build.new
|
sed -e "s,/lib,/%_lib," src/wscript_build > src/wscript_build.new
|
||||||
diff -u src/wscript_build src/wscript_build.new || :
|
diff -u src/wscript_build src/wscript_build.new || :
|
||||||
mv src/wscript_build.new src/wscript_build
|
mv src/wscript_build.new src/wscript_build
|
||||||
|
@ -21,7 +21,7 @@ Name: python-aubio
|
|||||||
Version: 0.4.6
|
Version: 0.4.6
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: A collection of tools for music analysis
|
Summary: A collection of tools for music analysis
|
||||||
License: GPL-3.0+
|
License: GPL-3.0-or-later
|
||||||
Group: Development/Languages/Python
|
Group: Development/Languages/Python
|
||||||
Url: http://aubio.org/
|
Url: http://aubio.org/
|
||||||
Source: http://aubio.org/pub/aubio-%{version}.tar.bz2
|
Source: http://aubio.org/pub/aubio-%{version}.tar.bz2
|
||||||
|
Loading…
Reference in New Issue
Block a user