[oe] [meta-multimedia][scarthgap][PATCH 07/11] sox: patch CVE-2017-15642

Gyorgy Sarvari via lists.openembedded.org Mon, 26 Jan 2026 05:05:18 -0800

Details: https://nvd.nist.gov/vuln/detail/CVE-2017-15642


Pick the patch that was identified by Debian[1] as the solution.

[1]: https://security-tracker.debian.org/tracker/CVE-2017-15642

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../sox/sox/CVE-2017-15642.patch              | 35 +++++++++++++++++++
 .../recipes-multimedia/sox/sox_14.4.2.bb      |  1 +
 2 files changed, 36 insertions(+)
 create mode 100644 
meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch

diff --git a/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch 
b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch
new file mode 100644
index 0000000000..c505919edf
--- /dev/null
+++ b/meta-multimedia/recipes-multimedia/sox/sox/CVE-2017-15642.patch
@@ -0,0 +1,35 @@
+From eb9b33dd01ae7b3cf50894e7d5044fc2db183529 Mon Sep 17 00:00:00 2001
+From: Mans Rullgard <[email protected]>
+Date: Mon, 20 Nov 2017 11:03:15 +0000
+Subject: [PATCH] aiff: fix crash on empty comment chunk (CVE-2017-15642)
+
+This fixes a use after free and double free if an empty comment
+chunk follows a non-empty one.
+
+CVE: CVE-2017-15642
+Upstream-Status: Backport 
[https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2]
+Signed-off-by: Gyorgy Sarvari <[email protected]>
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/aiff.c b/src/aiff.c
+index 240d2e1..11ddb54 100644
+--- a/src/aiff.c
++++ b/src/aiff.c
+@@ -62,7 +62,6 @@ int lsx_aiffstartread(sox_format_t * ft)
+   size_t ssndsize = 0;
+   char *annotation;
+   char *author;
+-  char *comment = NULL;
+   char *copyright;
+   char *nametext;
+ 
+@@ -270,6 +269,7 @@ int lsx_aiffstartread(sox_format_t * ft)
+       free(annotation);
+     }
+     else if (strncmp(buf, "COMT", (size_t)4) == 0) {
++      char *comment = NULL;
+       rc = commentChunk(&comment, "Comment:", ft);
+       if (rc) {
+         /* Fail already called in function */
diff --git a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb 
b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
index 96d0543520..d49ac822b4 100644
--- a/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
+++ b/meta-multimedia/recipes-multimedia/sox/sox_14.4.2.bb
@@ -36,6 +36,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/sox/sox-${PV}.tar.gz \
            file://CVE-2017-15370.patch \
            file://CVE-2017-15371.patch \
            file://CVE-2017-15372.patch \
+           file://CVE-2017-15642.patch \
            "
 SRC_URI[md5sum] = "d04fba2d9245e661f245de0577f48a33"
 SRC_URI[sha256sum] = 
"b45f598643ffbd8e363ff24d61166ccec4836fea6d3888881b8df53e3bb55f6c"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#123884): 
https://lists.openembedded.org/g/openembedded-devel/message/123884
Mute This Topic: https://lists.openembedded.org/mt/117467445/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

[oe] [meta-multimedia][scarthgap][PATCH 07/11] sox: patch CVE-2017-15642

Reply via email to