Details: https://nvd.nist.gov/vuln/detail/CVE-2017-11358
Pick the patch that was identified by Debian[1] as the solution. [1]: https://security-tracker.debian.org/tracker/CVE-2017-11358 Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../sox/sox/CVE-2017-11358.patch | 29 +++++++++++++++++++ .../recipes-multimedia/sox/sox_14.4.2.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch new file mode 100644 index 0000000000..9e797c0e7b --- /dev/null +++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-11358.patch @@ -0,0 +1,29 @@ +From 0e3909288d38487d7c86b11c7509cca01296fdc8 Mon Sep 17 00:00:00 2001 +From: Mans Rullgard <[email protected]> +Date: Sun, 5 Nov 2017 16:43:35 +0000 +Subject: [PATCH] hcom: fix crash on input with corrupt dictionary + (CVE-2017-11358) + +CVE: CVE-2017-11358 +Upstream-Status: Backport [https://github.com/mansr/sox/commit/6cb44a44b9eda6b321ccdbf6483348d4a9798b00] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + src/hcom.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/hcom.c b/src/hcom.c +index e76820e..ee28cba 100644 +--- a/src/hcom.c ++++ b/src/hcom.c +@@ -150,6 +150,11 @@ static int startread(sox_format_t * ft) + lsx_debug("%d %d", + p->dictionary[i].dict_leftson, + p->dictionary[i].dict_rightson); ++ if ((unsigned) p->dictionary[i].dict_leftson >= dictsize || ++ (unsigned) p->dictionary[i].dict_rightson >= dictsize) { ++ lsx_fail_errno(ft, SOX_EHDR, "Invalid dictionary"); ++ return SOX_EOF; ++ } + } + rc = lsx_skipbytes(ft, (size_t) 1); /* skip pad byte */ + if (rc) diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb index 38566735bc..8f6808b0f0 100644 --- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb +++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb @@ -31,6 +31,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \ file://0001-remove-the-error-line-and-live-without-file-type-det.patch \ file://0001-Update-exported-symbol-list.patch \ file://CVE-2017-11332.patch \ + file://CVE-2017-11358.patch \ " SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33" SRC_URI[sha256sum] = "b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123879): https://lists.openembedded.org/g/openembedded-devel/message/123879 Mute This Topic: https://lists.openembedded.org/mt/117467440/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
