D14552.id39851.diff

Index: audio/libsndfile/Makefile
===================================================================
--- audio/libsndfile/Makefile
+++ audio/libsndfile/Makefile
@@ -3,6 +3,7 @@
PORTNAME= libsndfile
PORTVERSION= 1.0.28
+PORTREVISION= 1
CATEGORIES= audio
MASTER_SITES= http://www.mega-nerd.com/libsndfile/files/
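Review bot: The PORTREVISION= 1 bump is the only line in the Makefile that signals a security-relevant rebuild, and nothing here ties it to Secunia Advisory SA76717, which is named only inside files/patch-src_aiff.c. Suggest naming the advisory in the commit message and, if it is not handled in a separate change, adding the matching security/vuxml entry so that installed copies of 1.0.28 without this revision are flagged.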
@@ -10,6 +11,7 @@
COMMENT= Reading and writing files containing sampled sound (like WAV or AIFF)
LICENSE= LGPL21
+LICENSE_FILE= ${WRKSRC}/COPYING
USES= cpe gmake libtool localbase pkgconfig
CPE_VENDOR= ${CPE_PRODUCT}_project
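Review bot: LICENSE_FILE= ${WRKSRC}/COPYING is unrelated to the src/aiff.c buffer read overflow fix that the rest of this diff carries. Suggest committing it separately or calling it out in the commit message, so the security change stays easy to audit and to merge to other branches on its own.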
Index: audio/libsndfile/files/patch-src_aiff.c
===================================================================
--- /dev/null
+++ audio/libsndfile/files/patch-src_aiff.c
@@ -0,0 +1,19 @@
+From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Tue, 23 May 2017 20:15:24 +1000
+Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
+
+Secunia Advisory SA76717.
+
+Found by: Laurent Delosieres, Secunia Research at Flexera Software
+--- src/aiff.c.orig 2017-04-01 07:18:02 UTC
++++ src/aiff.c
+@@ -1905,7 +1905,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
+ psf_binheader_readf (psf, "j", dword - bytesread) ;
+
+ if (map_info->channel_map != NULL)
+- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
++ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
+
+ free (psf->channel_map) ;
+
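Review bot: In aiff_read_chanmap, the new chanmap_size is clamped to SF_MIN (psf->sf.channels, layout_tag & 0xffff), so when the layout tag's low 16 bits are smaller than psf->sf.channels the size used for psf->channel_map covers fewer entries than the file's channel count. The visible lines stop at free (psf->channel_map), so please confirm that the code that follows, and any later reader of psf->channel_map, does not assume psf->sf.channels entries, and that a layout tag whose low 16 bits are zero (chanmap_size of 0) is handled. The patch header cites only Secunia Advisory SA76717; if a CVE identifier has been assigned, add it there so the fix can be matched against vulnerability databases.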
