diff options
| author | Zach van Rijn <me@zv.io> | 2023-02-06 03:51:29 +0000 |
|---|---|---|
| committer | Zach van Rijn <me@zv.io> | 2023-02-06 03:53:58 +0000 |
| commit | 491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1 (patch) | |
| tree | 1b72677c935f5c82312062ad291474fba200c2be /user/sox/CVE-2019-8356.patch | |
| parent | 130b4b415b5591a7320ea3cfdf87c43987916655 (diff) | |
| download | packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.gz packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.bz2 packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.tar.xz packages-491802e5efd6fa2d5543de51e93ffc2ae0a6f1b1.zip | |
user/sox: move to legacy/
This package has numerous CVEs and does not currently
build on our pmmx target. It is not required by any
other packages at the moment.
See also: #961.
Diffstat (limited to 'user/sox/CVE-2019-8356.patch')
| -rw-r--r-- | user/sox/CVE-2019-8356.patch | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/user/sox/CVE-2019-8356.patch b/user/sox/CVE-2019-8356.patch deleted file mode 100644 index 9375bc5ae..000000000 --- a/user/sox/CVE-2019-8356.patch +++ /dev/null @@ -1,92 +0,0 @@ -From b7883ae1398499daaa926ae6621f088f0f531ed8 Mon Sep 17 00:00:00 2001 -From: Mans Rullgard <mans@mansr.com> -Date: Wed, 24 Apr 2019 16:56:42 +0100 -Subject: [PATCH] fft4g: bail if size too large (CVE-2019-8356) - -Prevent overflowing of fixed-size buffers in bitrv2() and bitrv2conj() -if the transform size is too large. ---- - src/fft4g.c | 18 ++++++++++++++++++ - src/fft4g.h | 2 ++ - 2 files changed, 20 insertions(+) - -diff --git a/src/fft4g.c b/src/fft4g.c -index 38a8bcc0..88a2a7ec 100644 ---- a/src/fft4g.c -+++ b/src/fft4g.c -@@ -322,6 +322,9 @@ static void rftfsub(int n, double *a, int nc, double const *c); - - void cdft(int n, int isgn, double *a, int *ip, double *w) - { -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - if (n > (ip[0] << 2)) { - makewt(n >> 2, ip, w); - } -@@ -344,6 +347,9 @@ void rdft(int n, int isgn, double *a, int *ip, double *w) - int nw, nc; - double xi; - -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - nw = ip[0]; - if (n > (nw << 2)) { - nw = n >> 2; -@@ -384,6 +390,9 @@ void ddct(int n, int isgn, double *a, int *ip, double *w) - int j, nw, nc; - double xr; - -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - nw = ip[0]; - if (n > (nw << 2)) { - nw = n >> 2; -@@ -435,6 +444,9 @@ void ddst(int n, int isgn, double *a, int *ip, double *w) - int j, nw, nc; - double xr; - -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - nw = ip[0]; - if (n > (nw << 2)) { - nw = n >> 2; -@@ -486,6 +498,9 @@ void dfct(int n, double *a, double *t, int *ip, double *w) - int j, k, l, m, mh, nw, nc; - double xr, xi, yr, yi; - -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - nw = ip[0]; - if (n > (nw << 3)) { - nw = n >> 3; -@@ -576,6 +591,9 @@ void dfst(int n, double *a, double *t, int *ip, double *w) - int j, k, l, m, mh, nw, nc; - double xr, xi, yr, yi; - -+ if (n > FFT4G_MAX_SIZE) -+ return; -+ - nw = ip[0]; - if (n > (nw << 3)) { - nw = n >> 3; -diff --git a/src/fft4g.h b/src/fft4g.h -index 2b8051ca..95ee3413 100644 ---- a/src/fft4g.h -+++ b/src/fft4g.h -@@ -13,6 +13,8 @@ - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - */ - -+#define FFT4G_MAX_SIZE 262144 -+ - void lsx_cdft(int, int, double *, int *, double *); - void lsx_rdft(int, int, double *, int *, double *); - void lsx_ddct(int, int, double *, int *, double *); --- -2.25.0 - |