Date: Sat, 8 May 2021 17:00:15 GMT
From: Christian Weisgerber <naddy@FreeBSD.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject: git: 3984e6561a7e - main - audio/flac: Fix out-of-bounds read
Message-ID: <202105081700.148H0FIZ067404@gitrepo.freebsd.org>
The branch main has been updated by naddy: URL: https://cgit.FreeBSD.org/ports/commit/?id=3984e6561a7ee7383c502456ae27ce48ee28a028 commit 3984e6561a7ee7383c502456ae27ce48ee28a028 Author: Christian Weisgerber <naddy@FreeBSD.org> AuthorDate: 2021-05-08 16:56:07 +0000 Commit: Christian Weisgerber <naddy@FreeBSD.org> CommitDate: 2021-05-08 17:00:04 +0000 audio/flac: Fix out-of-bounds read Obtained from: https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4 Security: 49346de2-b015-11eb-9bdf-f8b156b6dcc8 Security: CVE-2020-0499 --- audio/flac/Makefile | 1 + audio/flac/files/patch-src_libFLAC_bitreader.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/audio/flac/Makefile b/audio/flac/Makefile index b3b04c9c9645..7ff50f5804a5 100644 --- a/audio/flac/Makefile +++ b/audio/flac/Makefile @@ -2,6 +2,7 @@ PORTNAME= flac PORTVERSION= 1.3.3 +PORTREVISION= 1 CATEGORIES= audio MASTER_SITES= https://downloads.xiph.org/releases/flac/ diff --git a/audio/flac/files/patch-src_libFLAC_bitreader.c b/audio/flac/files/patch-src_libFLAC_bitreader.c new file mode 100644 index 000000000000..463343e0d428 --- /dev/null +++ b/audio/flac/files/patch-src_libFLAC_bitreader.c @@ -0,0 +1,13 @@ +https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4 + +--- src/libFLAC/bitreader.c.orig 2021-05-08 16:06:17 UTC ++++ src/libFLAC/bitreader.c +@@ -864,7 +864,7 @@ incomplete_lsbs: + cwords = br->consumed_words; + words = br->words; + ucbits = FLAC__BITS_PER_WORD - br->consumed_bits; +- b = br->buffer[cwords] << br->consumed_bits; ++ b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0; + } while(cwords >= words && val < end); + } +
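Review bot: In the src/libFLAC/bitreader.c hunk, the new guard bounds the load by br->capacity, but the loop around it is controlled by "while(cwords >= words && val < end)" with "words = br->words", and nothing in the patch says why capacity rather than words is the right limit. If br->words can be smaller than br->capacity, the guarded line still loads a word the reader has not counted as available; the guard only keeps the index inside the buffer. The expression is taken verbatim from the upstream commit, so it should stay as it is, but the header of files/patch-src_libFLAC_bitreader.c would benefit from a line after the URL stating that the check prevents the read at buffer[capacity] (CVE-2020-0499) and that b is set to 0 only as a placeholder in that case. That way a later port update can tell whether a new upstream release already carries the fix.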