packages/opusfile
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!21 [sync] PR-17: Fix CVE-2022-47021

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @gitee-cmd 
Signed-off-by: @gitee-cmd
This commit is contained in:
openeuler-ci-bot 2023-01-30 02:44:39 +00:00 committed by Gitee
commit 018122a32b
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 46 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
CVE-2022-47021.patch Normal file
View File

@ -0,0 +1,40 @@
From 0a4cd796df5b030cb866f3f4a5e41a4b92caddf5 Mon Sep 17 00:00:00 2001
From: Ralph Giles <giles@thaumas.net>
Date: Tue, 6 Sep 2022 19:04:31 -0700
Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer.
Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns
a null pointer. This allows more graceful recovery by the caller
in the unlikely event of a fallible ogg_malloc call.
We do check the return value elsewhere in the code, so the new
checks make the code more consistent.
Thanks to https://github.com/xiph/opusfile/issues/36 for reporting.
Signed-off-by: Timothy B. Terriberry <tterribe@xiph.org>
Signed-off-by: Mark Harris <mark.hsj@gmail.com>
---
src/opusfile.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/opusfile.c b/src/opusfile.c
index ca219b2..3c3c81e 100644
--- a/src/opusfile.c
+++ b/src/opusfile.c
@@ -148,6 +148,7 @@ static int op_get_data(OggOpusFile *_of,int _nbytes){
int nbytes;
OP_ASSERT(_nbytes>0);
buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
OP_ASSERT(nbytes<=_nbytes);
if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes);
@@ -1527,6 +1528,7 @@ static int op_open1(OggOpusFile *_of,
if(_initial_bytes>0){
char *buffer;
buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
ogg_sync_wrote(&_of->oy,(long)_initial_bytes);
}

8
opusfile.spec
View File

@ -1,11 +1,12 @@
Name: opusfile Name: opusfile
Version: 0.11 Version: 0.11
Release: 4 Release: 5
Summary: A high-level API provides seeking, decode, and playback of Opus streams Summary: A high-level API provides seeking, decode, and playback of Opus streams
License: BSD License: BSD
URL: http://www.opus-codec.org/ URL: http://www.opus-codec.org/
Source0: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz Source0: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz
Patch0000: 0001-fix-MemorySanitizer-use-of-uninitialized-value.patch Patch0000: 0001-fix-MemorySanitizer-use-of-uninitialized-value.patch
Patch0001: CVE-2022-47021.patch
BuildRequires: gcc libogg-devel openssl-devel opus-devel BuildRequires: gcc libogg-devel openssl-devel opus-devel
@ -50,7 +51,10 @@ Development package for opusfile package.
%{_libdir}/{libopusfile.so,libopusurl.so} %{_libdir}/{libopusfile.so,libopusurl.so}
%changelog %changelog
* Web 02 Jun 2021 zhaoyao<zhaoyao32@huawei.com> - 0.11-4 * Sun Jan 29 2023 yaoxin <yaoxin30@h-partners.com> - 0.11-5
- Fix CVE-2022-47021
* Wed Jun 02 2021 zhaoyao<zhaoyao32@huawei.com> - 0.11-4
- fixs faileds: /bin/sh: gcc: command not found. - fixs faileds: /bin/sh: gcc: command not found.
* Thu Dec 03 2020 maminjie <maminjie1@huawei.com> - 0.11-3 * Thu Dec 03 2020 maminjie <maminjie1@huawei.com> - 0.11-3