summaryrefslogtreecommitdiff
path: root/legacy/sox/CVE-2019-8356.patch
diff options
context:
space:
mode:
authorZach van Rijn <me@zv.io>2023-02-06 03:51:29 +0000
committerZach van Rijn <me@zv.io>2023-02-06 03:53:58 +0000
commit491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1 (patch)
tree1b72677c935f5c82312062ad291474fba200c2be /legacy/sox/CVE-2019-8356.patch
parent130b4b415b5591a7320ea3cfdf87c43987916655 (diff)
downloadpackages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.gz
packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.bz2
packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.xz
packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.zip
user/sox: move to legacy/
This package has numerous CVEs and does not currently build on our pmmx target. It is not required by any other packages at the moment. See also: #961.
Diffstat (limited to 'legacy/sox/CVE-2019-8356.patch')
-rw-r--r--legacy/sox/CVE-2019-8356.patch92
1 files changed, 92 insertions, 0 deletions
diff --git a/legacy/sox/CVE-2019-8356.patch b/legacy/sox/CVE-2019-8356.patch
new file mode 100644
index 000000000..9375bc5ae
--- /dev/null
+++ b/legacy/sox/CVE-2019-8356.patch
@@ -0,0 +1,92 @@
+From b7883ae1398499daaa926ae6621f088f0f531ed8 Mon Sep 17 00:00:00 2001
+From: Mans Rullgard <mans@mansr.com>
+Date: Wed, 24 Apr 2019 16:56:42 +0100
+Subject: [PATCH] fft4g: bail if size too large (CVE-2019-8356)
+
+Prevent overflowing of fixed-size buffers in bitrv2() and bitrv2conj()
+if the transform size is too large.
+---
+ src/fft4g.c | 18 ++++++++++++++++++
+ src/fft4g.h | 2 ++
+ 2 files changed, 20 insertions(+)
+
+diff --git a/src/fft4g.c b/src/fft4g.c
+index 38a8bcc0..88a2a7ec 100644
+--- a/src/fft4g.c
++++ b/src/fft4g.c
+@@ -322,6 +322,9 @@ static void rftfsub(int n, double *a, int nc, double const *c);
+
+ void cdft(int n, int isgn, double *a, int *ip, double *w)
+ {
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ if (n > (ip[0] << 2)) {
+ makewt(n >> 2, ip, w);
+ }
+@@ -344,6 +347,9 @@ void rdft(int n, int isgn, double *a, int *ip, double *w)
+ int nw, nc;
+ double xi;
+
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ nw = ip[0];
+ if (n > (nw << 2)) {
+ nw = n >> 2;
+@@ -384,6 +390,9 @@ void ddct(int n, int isgn, double *a, int *ip, double *w)
+ int j, nw, nc;
+ double xr;
+
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ nw = ip[0];
+ if (n > (nw << 2)) {
+ nw = n >> 2;
+@@ -435,6 +444,9 @@ void ddst(int n, int isgn, double *a, int *ip, double *w)
+ int j, nw, nc;
+ double xr;
+
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ nw = ip[0];
+ if (n > (nw << 2)) {
+ nw = n >> 2;
+@@ -486,6 +498,9 @@ void dfct(int n, double *a, double *t, int *ip, double *w)
+ int j, k, l, m, mh, nw, nc;
+ double xr, xi, yr, yi;
+
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ nw = ip[0];
+ if (n > (nw << 3)) {
+ nw = n >> 3;
+@@ -576,6 +591,9 @@ void dfst(int n, double *a, double *t, int *ip, double *w)
+ int j, k, l, m, mh, nw, nc;
+ double xr, xi, yr, yi;
+
++ if (n > FFT4G_MAX_SIZE)
++ return;
++
+ nw = ip[0];
+ if (n > (nw << 3)) {
+ nw = n >> 3;
+diff --git a/src/fft4g.h b/src/fft4g.h
+index 2b8051ca..95ee3413 100644
+--- a/src/fft4g.h
++++ b/src/fft4g.h
+@@ -13,6 +13,8 @@
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
++#define FFT4G_MAX_SIZE 262144
++
+ void lsx_cdft(int, int, double *, int *, double *);
+ void lsx_rdft(int, int, double *, int *, double *);
+ void lsx_ddct(int, int, double *, int *, double *);
+--
+2.25.0
+