FreeBSD Bugzilla – Attachment 216769 Details for
Bug 248268
audio/libsndfile: Update to master branch and use cmake
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for libsndfile
0001-libsndfile.patch (text/plain), 32.97 KB, created by
Daniel Engberg
on 2020-07-25 18:43:56 UTC
(
hide
)
Description:
Patch for libsndfile
Filename:
MIME Type:
Creator:
Daniel Engberg
Created:
2020-07-25 18:43:56 UTC
Size:
32.97 KB
patch
obsolete
>From c92365aeb1e007c0e70574ce46a10bd6def43bbe Mon Sep 17 00:00:00 2001 >From: Daniel Engberg <daniel.engberg.lists@pyret.net> >Date: Sat, 25 Jul 2020 20:00:20 +0200 >Subject: [PATCH] libsndfile > >libsndfile > >Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> >--- > audio/libsndfile/Makefile | 53 +++++------ > audio/libsndfile/distinfo | 6 +- > ...ke_SndFileChecks.cmake-disableexternallibs | 32 +++++++ > audio/libsndfile/files/patch-CMakeLists.txt | 13 +++ > audio/libsndfile/files/patch-CVE-2017-12562 | 82 ----------------- > audio/libsndfile/files/patch-CVE-2017-14634 | 29 ------ > ...017-17456_2017-17457_2018-19661_2018-19662 | 90 ------------------- > audio/libsndfile/files/patch-CVE-2017-6892 | 19 ---- > audio/libsndfile/files/patch-CVE-2017-8361 | 53 ----------- > audio/libsndfile/files/patch-CVE-2017-8362 | 44 --------- > audio/libsndfile/files/patch-CVE-2017-8363 | 22 ----- > audio/libsndfile/files/patch-CVE-2018-19758 | 31 ------- > ...Check-MAX_CHANNELS-in-sndfile-deinterleave | 30 ------- > .../files/patch-cmake_SndFileChecks.cmake | 14 +++ > audio/libsndfile/files/patch-rf64_arm | 49 ---------- > audio/libsndfile/files/patch-typos | 67 -------------- > audio/libsndfile/pkg-plist | 19 ++-- > 17 files changed, 99 insertions(+), 554 deletions(-) > create mode 100644 audio/libsndfile/files/extrapatch-cmake_SndFileChecks.cmake-disableexternallibs > create mode 100644 audio/libsndfile/files/patch-CMakeLists.txt > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-12562 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-14634 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-17456_2017-17457_2018-19661_2018-19662 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-6892 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-8361 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-8362 > delete mode 100644 audio/libsndfile/files/patch-CVE-2017-8363 > delete mode 100644 audio/libsndfile/files/patch-CVE-2018-19758 > delete mode 100644 audio/libsndfile/files/patch-Check-MAX_CHANNELS-in-sndfile-deinterleave > create mode 100644 audio/libsndfile/files/patch-cmake_SndFileChecks.cmake > delete mode 100644 audio/libsndfile/files/patch-rf64_arm > delete mode 100644 audio/libsndfile/files/patch-typos > >diff --git a/audio/libsndfile/Makefile b/audio/libsndfile/Makefile >index 07f38dc2c768..1201a012d209 100644 >--- a/audio/libsndfile/Makefile >+++ b/audio/libsndfile/Makefile >@@ -2,10 +2,8 @@ > # $FreeBSD$ > > PORTNAME= libsndfile >-PORTVERSION= 1.0.28 >-PORTREVISION= 2 >+DISTVERSION= 1.0.29pre2.20200620 > CATEGORIES= audio >-MASTER_SITES= http://www.mega-nerd.com/libsndfile/files/ > > MAINTAINER= multimedia@FreeBSD.org > COMMENT= Reading and writing files containing sampled sound (like WAV or AIFF) >@@ -13,37 +11,42 @@ COMMENT= Reading and writing files containing sampled sound (like WAV or AIFF) > LICENSE= LGPL21+ > LICENSE_FILE= ${WRKSRC}/COPYING > >-USES= cpe gmake libtool localbase pkgconfig >+USES= cmake cpe localbase pkgconfig python:build,test shebangfix >+SHEBANG_FILES= programs/test-sndfile-metadata-set.py \ >+ src/binheader_writef_check.py \ >+ src/create_symbols_file.py >+ > CPE_VENDOR= ${CPE_PRODUCT}_project >-GNU_CONFIGURE= yes >-CONFIGURE_ARGS= --disable-gcc-pipe \ >- --disable-sqlite \ >- --disable-alsa \ >- --disable-octave \ >- --with-pkgconfigdir=${PREFIX}/libdata/pkgconfig >+ >+USE_GITHUB= yes >+GH_ACCOUNT= erikd >+GH_TAGNAME= 2ccb23f >+ > USE_LDCONFIG= yes >-TEST_TARGET= check >-INSTALL_TARGET= install-strip > >-OPTIONS_DEFINE= CPU_CLIP EXTERNAL DOCS >+OPTIONS_DEFINE= DOCS EXTERNAL STATIC TEST >+OPTIONS_SUB= yes > OPTIONS_DEFAULT= EXTERNAL >-CPU_CLIP_DESC= Allow machine-dependent clipping >-EXTERNAL_DESC= Enable FLAC and Ogg Vorbis support >- >-CPU_CLIP_VARS= MANUAL_PACKAGE_BUILD="WITH_CPU_CLIP may customize the package for the build machine" >-CPU_CLIP_CONFIGURE_OFF= --disable-cpu-clip >+EXTERNAL_DESC= Enable FLAC, Ogg Vorbis, Opus support >+TEST_IMPLIES= STATIC > > EXTERNAL_LIB_DEPENDS= libFLAC.so:audio/flac \ > libogg.so:audio/libogg \ >+ libopus.so:audio/opus \ > libvorbis.so:audio/libvorbis >-EXTERNAL_CONFIGURE_OFF= --disable-external-libs > >-post-patch: >- @${REINPLACE_CMD} -e '/^SUBDIRS =/s/ doc / /g' ${WRKSRC}/Makefile.in >+STATIC_CMAKE_OFF= -DBUILD_SHARED_LIBS:BOOL=ON >+ >+TEST_CMAKE_ON= -DBUILD_TESTING:BOOL=ON >+TEST_CMAKE_OFF= -DBUILD_TESTING:BOOL=OFF >+ >+.include <bsd.port.options.mk> >+ >+.if ! ${PORT_OPTIONS:MEXTERNAL} >+EXTRA_PATCHES= ${FILESDIR}/extrapatch-cmake_SndFileChecks.cmake-disableexternallibs >+.endif > >-post-install-DOCS-on: >- @${MKDIR} ${STAGEDIR}${DOCSDIR} >- @${TAR} -C ${WRKSRC}/doc --exclude "*Makefile*" --exclude "*.in" \ >- -cf - . | ${TAR} -C ${STAGEDIR}${DOCSDIR} --unlink -xf - >+do-test: >+ (cd ${TEST_WRKSRC} && CTEST_OUTPUT_ON_FAILURE=1 ctest -V) > > .include <bsd.port.mk> >diff --git a/audio/libsndfile/distinfo b/audio/libsndfile/distinfo >index 1375efa1fcd8..ec1384fd1dfd 100644 >--- a/audio/libsndfile/distinfo >+++ b/audio/libsndfile/distinfo >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1494006962 >-SHA256 (libsndfile-1.0.28.tar.gz) = 1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9 >-SIZE (libsndfile-1.0.28.tar.gz) = 1202833 >+TIMESTAMP = 1595508551 >+SHA256 (erikd-libsndfile-1.0.29pre2.20200620-2ccb23f_GH0.tar.gz) = 70fee769ab60c579090edf5a43a4959a71feb14f0e531394f4e1c1a9741258c3 >+SIZE (erikd-libsndfile-1.0.29pre2.20200620-2ccb23f_GH0.tar.gz) = 721895 >diff --git a/audio/libsndfile/files/extrapatch-cmake_SndFileChecks.cmake-disableexternallibs b/audio/libsndfile/files/extrapatch-cmake_SndFileChecks.cmake-disableexternallibs >new file mode 100644 >index 000000000000..b54e202af521 >--- /dev/null >+++ b/audio/libsndfile/files/extrapatch-cmake_SndFileChecks.cmake-disableexternallibs >@@ -0,0 +1,32 @@ >+--- cmake/SndFileChecks.cmake.orig 2020-07-23 13:42:53 UTC >++++ cmake/SndFileChecks.cmake >+@@ -31,28 +31,7 @@ if (VCPKG_TOOLCHAIN AND (NOT CMAKE_VERSION VERSION_LES >+ set (CMAKE_FIND_PACKAGE_PREFER_CONFIG ON) >+ endif () >+ >+-if (CMAKE_FIND_PACKAGE_PREFER_CONFIG) >+- find_package (Ogg 1.3 CONFIG) >+- find_package (Vorbis CONFIG COMPONENTS Enc) >+- find_package (FLAC CONFIG) >+- find_package (Opus CONFIG) >+- >+- include (FindPackageHandleStandardArgs) >+- find_package_handle_standard_args (Ogg CONFIG_MODE) >+- find_package_handle_standard_args (Vorbis CONFIG_MODE) >+- find_package_handle_standard_args (FLAC CONFIG_MODE) >+- find_package_handle_standard_args (Opus CONFIG_MODE) >+-else () >+- find_package (Ogg 1.3) >+- find_package (Vorbis COMPONENTS Enc) >+- find_package (FLAC) >+- find_package (Opus) >+-endif () >+-if (Vorbis_FOUND AND FLAC_FOUND AND Opus_FOUND) >+- set (HAVE_EXTERNAL_XIPH_LIBS 1) >+-else () >+- set (HAVE_EXTERNAL_XIPH_LIBS 0) >+-endif () >++set (HAVE_EXTERNAL_XIPH_LIBS 0) >+ >+ find_package (Speex) >+ find_package (SQLite3) >diff --git a/audio/libsndfile/files/patch-CMakeLists.txt b/audio/libsndfile/files/patch-CMakeLists.txt >new file mode 100644 >index 000000000000..4bbd5ce32b8a >--- /dev/null >+++ b/audio/libsndfile/files/patch-CMakeLists.txt >@@ -0,0 +1,13 @@ >+--- CMakeLists.txt.orig 2020-07-23 12:41:43 UTC >++++ CMakeLists.txt >+@@ -74,8 +74,8 @@ cmake_dependent_option (ENABLE_COMPATIBLE_LIBSNDFILE_N >+ >+ set (HAVE_EXTERNAL_XIPH_LIBS ${ENABLE_EXTERNAL_LIBS}) >+ set (HAVE_SQLITE3 ${BUILD_REGTEST}) >+-set (HAVE_ALSA_ASOUNDLIB_H ${ALSA_FOUND}) >+-set (HAVE_SNDIO_H ${SNDIO_FOUND}) >++set (HAVE_ALSA_ASOUNDLIB_H 0) >++set (HAVE_SNDIO_H 0) >+ >+ set (ENABLE_EXPERIMENTAL_CODE ${ENABLE_EXPERIMENTAL}) >+ set (HAVE_SPEEX ${ENABLE_EXPERIMENTAL}) >diff --git a/audio/libsndfile/files/patch-CVE-2017-12562 b/audio/libsndfile/files/patch-CVE-2017-12562 >deleted file mode 100644 >index d43d15f237bd..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-12562 >+++ /dev/null >@@ -1,82 +0,0 @@ >-From cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8 Mon Sep 17 00:00:00 2001 >-From: =?UTF-8?q?J=C3=B6rn=20Heusipp?= <osmanx@problemloesungsmaschine.de> >-Date: Wed, 14 Jun 2017 12:25:40 +0200 >-Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings >- in binheader >- >-Fixes the following problems: >- 1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes. >- 2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the >- big switch statement by an amount (16 bytes) which is enough for all cases >- where only a single value gets added. Cases 's', 'S', 'p' however >- additionally write an arbitrary length block of data and again enlarge the >- buffer to the required amount. However, the required space calculation does >- not take into account the size of the length field which gets output before >- the data. >- 3. Buffer size requirement calculation in case 'S' does not account for the >- padding byte ("size += (size & 1) ;" happens after the calculation which >- uses "size"). >- 4. Case 'S' can overrun the header buffer by 1 byte when no padding is >- involved >- ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while >- the buffer is only guaranteed to have "size" space available). >- 5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte >- beyond the space which is guaranteed to be allocated in the header buffer. >- 6. Case 's' can overrun the provided source string by 1 byte if padding is >- involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;" >- where "size" is "strlen (strptr) + 1" (which includes the 0 terminator, >- plus optionally another 1 which is padding and not guaranteed to be >- readable via the source string pointer). >- >-Closes: https://github.com/erikd/libsndfile/issues/292 >---- src/common.c.orig 2017-04-02 06:33:16 UTC >-+++ src/common.c >-@@ -681,16 +681,16 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...) >- /* Write a C string (guaranteed to have a zero terminator). */ >- strptr = va_arg (argptr, char *) ; >- size = strlen (strptr) + 1 ; >-- size += (size & 1) ; >- >-- if (psf->header.indx + (sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, 16)) >-+ if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1))) >- return count ; >- >- if (psf->rwf_endian == SF_ENDIAN_BIG) >-- header_put_be_int (psf, size) ; >-+ header_put_be_int (psf, size + (size & 1)) ; >- else >-- header_put_le_int (psf, size) ; >-+ header_put_le_int (psf, size + (size & 1)) ; >- memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ; >-+ size += (size & 1) ; >- psf->header.indx += size ; >- psf->header.ptr [psf->header.indx - 1] = 0 ; >- count += 4 + size ; >-@@ -703,16 +703,15 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...) >- */ >- strptr = va_arg (argptr, char *) ; >- size = strlen (strptr) ; >-- if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size)) >-+ if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1))) >- return count ; >- if (psf->rwf_endian == SF_ENDIAN_BIG) >- header_put_be_int (psf, size) ; >- else >- header_put_le_int (psf, size) ; >-- memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ; >-+ memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + (size & 1)) ; >- size += (size & 1) ; >- psf->header.indx += size ; >-- psf->header.ptr [psf->header.indx] = 0 ; >- count += 4 + size ; >- break ; >- >-@@ -724,7 +723,7 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...) >- size = (size & 1) ? size : size + 1 ; >- size = (size > 254) ? 254 : size ; >- >-- if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size)) >-+ if (psf->header.indx + 1 + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, 1 + size)) >- return count ; >- >- header_put_byte (psf, size) ; >diff --git a/audio/libsndfile/files/patch-CVE-2017-14634 b/audio/libsndfile/files/patch-CVE-2017-14634 >deleted file mode 100644 >index 0439cd3bb786..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-14634 >+++ /dev/null >@@ -1,29 +0,0 @@ >-From 85c877d5072866aadbe8ed0c3e0590fbb5e16788 Mon Sep 17 00:00:00 2001 >-From: Fabian Greffrath <fabian@greffrath.com> >-Date: Thu, 28 Sep 2017 12:15:04 +0200 >-Subject: [PATCH] double64_init: Check psf->sf.channels against upper bound >- >-This prevents division by zero later in the code. >- >-While the trivial case to catch this (i.e. sf.channels < 1) has already >-been covered, a crafted file may report a number of channels that is >-so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets >-miscalculated to zero (if this makes sense) in the determination of the >-blockwidth. Since we only support a limited number of channels anyway, >-make sure to check here as well. >- >-CVE-2017-14634 >- >-Closes: https://github.com/erikd/libsndfile/issues/318 >-Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com> >---- src/double64.c.orig 2016-04-01 21:08:53 UTC >-+++ src/double64.c >-@@ -91,7 +91,7 @@ int >- double64_init (SF_PRIVATE *psf) >- { static int double64_caps ; >- >-- if (psf->sf.channels < 1) >-+ if (psf->sf.channels < 1 || psf->sf.channels > SF_MAX_CHANNELS) >- { psf_log_printf (psf, "double64_init : internal error : channels = %d\n", psf->sf.channels) ; >- return SFE_INTERNAL ; >- } ; >diff --git a/audio/libsndfile/files/patch-CVE-2017-17456_2017-17457_2018-19661_2018-19662 b/audio/libsndfile/files/patch-CVE-2017-17456_2017-17457_2018-19661_2018-19662 >deleted file mode 100644 >index a7755b8335e1..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-17456_2017-17457_2018-19661_2018-19662 >+++ /dev/null >@@ -1,90 +0,0 @@ >-From: Hugo Lefeuvre <hle@owl.eu.com> >-Date: Mon, 24 Dec 2018 06:43:48 +0100 >-Subject: a/ulaw: fix multiple buffer overflows (#432) >- >-i2ulaw_array() and i2alaw_array() fail to handle ptr [count] = INT_MIN >-properly, leading to buffer underflow. INT_MIN is a special value >-since - INT_MIN cannot be represented as int. >- >-In this case round - INT_MIN to INT_MAX and proceed as usual. >- >-f2ulaw_array() and f2alaw_array() fail to handle ptr [count] = NaN >-properly, leading to null pointer dereference. >- >-In this case, arbitrarily set the buffer value to 0. >- >-This commit fixes #429 (CVE-2018-19661 and CVE-2018-19662) and >-fixes #344 (CVE-2017-17456 and CVE-2017-17457). >---- >- src/alaw.c | 9 +++++++-- >- src/ulaw.c | 9 +++++++-- >- 2 files changed, 14 insertions(+), 4 deletions(-) >- >-diff --git a/src/alaw.c b/src/alaw.c >-index 063fd1a..4220224 100644 >---- src/alaw.c >-+++ src/alaw.c >-@@ -19,6 +19,7 @@ >- #include "sfconfig.h" >- >- #include <math.h> >-+#include <limits.h> >- >- #include "sndfile.h" >- #include "common.h" >-@@ -326,7 +327,9 @@ s2alaw_array (const short *ptr, int count, unsigned char *buffer) >- static inline void >- i2alaw_array (const int *ptr, int count, unsigned char *buffer) >- { while (--count >= 0) >-- { if (ptr [count] >= 0) >-+ { if (ptr [count] == INT_MIN) >-+ buffer [count] = alaw_encode [INT_MAX >> (16 + 4)] ; >-+ else if (ptr [count] >= 0) >- buffer [count] = alaw_encode [ptr [count] >> (16 + 4)] ; >- else >- buffer [count] = 0x7F & alaw_encode [- ptr [count] >> (16 + 4)] ; >-@@ -346,7 +349,9 @@ f2alaw_array (const float *ptr, int count, unsigned char *buffer, float normfact >- static inline void >- d2alaw_array (const double *ptr, int count, unsigned char *buffer, double normfact) >- { while (--count >= 0) >-- { if (ptr [count] >= 0) >-+ { if (!isfinite (ptr [count])) >-+ buffer [count] = 0 ; >-+ else if (ptr [count] >= 0) >- buffer [count] = alaw_encode [lrint (normfact * ptr [count])] ; >- else >- buffer [count] = 0x7F & alaw_encode [- lrint (normfact * ptr [count])] ; >-diff --git a/src/ulaw.c b/src/ulaw.c >-index e50b4cb..b6070ad 100644 >---- src/ulaw.c >-+++ src/ulaw.c >-@@ -19,6 +19,7 @@ >- #include "sfconfig.h" >- >- #include <math.h> >-+#include <limits.h> >- >- #include "sndfile.h" >- #include "common.h" >-@@ -827,7 +828,9 @@ s2ulaw_array (const short *ptr, int count, unsigned char *buffer) >- static inline void >- i2ulaw_array (const int *ptr, int count, unsigned char *buffer) >- { while (--count >= 0) >-- { if (ptr [count] >= 0) >-+ { if (ptr [count] == INT_MIN) >-+ buffer [count] = ulaw_encode [INT_MAX >> (16 + 2)] ; >-+ else if (ptr [count] >= 0) >- buffer [count] = ulaw_encode [ptr [count] >> (16 + 2)] ; >- else >- buffer [count] = 0x7F & ulaw_encode [-ptr [count] >> (16 + 2)] ; >-@@ -847,7 +850,9 @@ f2ulaw_array (const float *ptr, int count, unsigned char *buffer, float normfact >- static inline void >- d2ulaw_array (const double *ptr, int count, unsigned char *buffer, double normfact) >- { while (--count >= 0) >-- { if (ptr [count] >= 0) >-+ { if (!isfinite (ptr [count])) >-+ buffer [count] = 0 ; >-+ else if (ptr [count] >= 0) >- buffer [count] = ulaw_encode [lrint (normfact * ptr [count])] ; >- else >- buffer [count] = 0x7F & ulaw_encode [- lrint (normfact * ptr [count])] ; >diff --git a/audio/libsndfile/files/patch-CVE-2017-6892 b/audio/libsndfile/files/patch-CVE-2017-6892 >deleted file mode 100644 >index 2a161d775188..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-6892 >+++ /dev/null >@@ -1,19 +0,0 @@ >-From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001 >-From: Erik de Castro Lopo <erikd@mega-nerd.com> >-Date: Tue, 23 May 2017 20:15:24 +1000 >-Subject: [PATCH] src/aiff.c: Fix a buffer read overflow >- >-Secunia Advisory SA76717. >- >-Found by: Laurent Delosieres, Secunia Research at Flexera Software >---- src/aiff.c.orig 2017-04-01 07:18:02 UTC >-+++ src/aiff.c >-@@ -1905,7 +1905,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword) >- psf_binheader_readf (psf, "j", dword - bytesread) ; >- >- if (map_info->channel_map != NULL) >-- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ; >-+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ; >- >- free (psf->channel_map) ; >- >diff --git a/audio/libsndfile/files/patch-CVE-2017-8361 b/audio/libsndfile/files/patch-CVE-2017-8361 >deleted file mode 100644 >index 1e1458d2a0e0..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-8361 >+++ /dev/null >@@ -1,53 +0,0 @@ >-From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001 >-From: Erik de Castro Lopo <erikd@mega-nerd.com> >-Date: Wed, 12 Apr 2017 19:45:30 +1000 >-Subject: [PATCH] FLAC: Fix a buffer read overrun >- >-Buffer read overrun occurs when reading a FLAC file that switches >-from 2 channels to one channel mid-stream. Only option is to >-abort the read. >- >-Closes: https://github.com/erikd/libsndfile/issues/230 >-Addresses: CVE-2017-8361 CVE-2017-8363 CVE-2017-8365 >---- src/common.h.orig 2017-04-01 09:40:45 UTC >-+++ src/common.h >-@@ -725,6 +725,7 @@ enum >- SFE_FLAC_INIT_DECODER, >- SFE_FLAC_LOST_SYNC, >- SFE_FLAC_BAD_SAMPLE_RATE, >-+ SFE_FLAC_CHANNEL_COUNT_CHANGED, >- SFE_FLAC_UNKOWN_ERROR, >- >- SFE_WVE_NOT_WVE, >---- src/flac.c.orig 2018-03-01 19:51:26 UTC >-+++ src/flac.c >-@@ -434,6 +434,19 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_ >- >- switch (metadata->type) >- { case FLAC__METADATA_TYPE_STREAMINFO : >-+ if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels) >-+ { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n" >-+ "Nothing to be but to error out.\n" , >-+ psf->sf.channels, metadata->data.stream_info.channels) ; >-+ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; >-+ return ; >-+ } ; >-+ >-+ if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate) >-+ { psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n" >-+ "Carrying on as if nothing happened.", >-+ psf->sf.samplerate, metadata->data.stream_info.sample_rate) ; >-+ } ; >- psf->sf.channels = metadata->data.stream_info.channels ; >- psf->sf.samplerate = metadata->data.stream_info.sample_rate ; >- psf->sf.frames = metadata->data.stream_info.total_samples ; >---- src/sndfile.c.orig 2017-04-02 06:33:16 UTC >-+++ src/sndfile.c >-@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] = >- { SFE_FLAC_INIT_DECODER , "Error : problem with initialization of the flac decoder." }, >- { SFE_FLAC_LOST_SYNC , "Error : flac decoder lost sync." }, >- { SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." }, >-+ { SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." }, >- { SFE_FLAC_UNKOWN_ERROR , "Error : unknown error in flac decoder." }, >- >- { SFE_WVE_NOT_WVE , "Error : not a WVE file." }, >diff --git a/audio/libsndfile/files/patch-CVE-2017-8362 b/audio/libsndfile/files/patch-CVE-2017-8362 >deleted file mode 100644 >index d7db571da966..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-8362 >+++ /dev/null >@@ -1,44 +0,0 @@ >-From ef1dbb2df1c0e741486646de40bd638a9c4cd808 Mon Sep 17 00:00:00 2001 >-From: Erik de Castro Lopo <erikd@mega-nerd.com> >-Date: Fri, 14 Apr 2017 15:19:16 +1000 >-Subject: [PATCH] src/flac.c: Fix a buffer read overflow >- >-A file (generated by a fuzzer) which increased the number of channels >-from one frame to the next could cause a read beyond the end of the >-buffer provided by libFLAC. Only option is to abort the read. >- >-Closes: https://github.com/erikd/libsndfile/issues/231 >---- src/flac.c.orig 2017-04-01 09:40:45 UTC >-+++ src/flac.c >-@@ -169,6 +169,14 @@ flac_buffer_copy (SF_PRIVATE *psf) >- const int32_t* const *buffer = pflac->wbuffer ; >- unsigned i = 0, j, offset, channels, len ; >- >-+ if (psf->sf.channels != (int) frame->header.channels) >-+ { psf_log_printf (psf, "Error: FLAC frame changed from %d to %d channels\n" >-+ "Nothing to do but to error out.\n" , >-+ psf->sf.channels, frame->header.channels) ; >-+ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; >-+ return 0 ; >-+ } ; >-+ >- /* >- ** frame->header.blocksize is variable and we're using a constant blocksize >- ** of FLAC__MAX_BLOCK_SIZE. >-@@ -202,7 +210,6 @@ flac_buffer_copy (SF_PRIVATE *psf) >- return 0 ; >- } ; >- >-- >- len = SF_MIN (pflac->len, frame->header.blocksize) ; >- >- if (pflac->remain % channels != 0) >-@@ -436,7 +443,7 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_ >- { case FLAC__METADATA_TYPE_STREAMINFO : >- if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels) >- { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n" >-- "Nothing to be but to error out.\n" , >-+ "Nothing to do but to error out.\n" , >- psf->sf.channels, metadata->data.stream_info.channels) ; >- psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; >- return ; >diff --git a/audio/libsndfile/files/patch-CVE-2017-8363 b/audio/libsndfile/files/patch-CVE-2017-8363 >deleted file mode 100644 >index ad28fa8191b8..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2017-8363 >+++ /dev/null >@@ -1,22 +0,0 @@ >-From cd7da8dbf6ee4310d21d9e44b385d6797160d9e8 Mon Sep 17 00:00:00 2001 >-From: Erik de Castro Lopo <erikd@mega-nerd.com> >-Date: Wed, 12 Apr 2017 20:19:34 +1000 >-Subject: [PATCH] src/flac.c: Fix another memory leak >- >-When the FLAC decoder was passed a malformed file, the associated >-`FLAC__StreamDecoder` object was not getting released. >- >-Closes: https://github.com/erikd/libsndfile/issues/233 >---- src/flac.c.orig 2018-03-01 09:40:45 UTC >-+++ src/flac.c >-@@ -841,7 +841,9 @@ flac_read_header (SF_PRIVATE *psf) >- >- psf_log_printf (psf, "End\n") ; >- >-- if (psf->error == 0) >-+ if (psf->error != 0) >-+ FLAC__stream_decoder_delete (pflac->fsd) ; >-+ else >- { FLAC__uint64 position ; >- >- FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ; >diff --git a/audio/libsndfile/files/patch-CVE-2018-19758 b/audio/libsndfile/files/patch-CVE-2018-19758 >deleted file mode 100644 >index 22fb7cffe2e2..000000000000 >--- a/audio/libsndfile/files/patch-CVE-2018-19758 >+++ /dev/null >@@ -1,31 +0,0 @@ >-From: Erik de Castro Lopo <erikd@mega-nerd.com> >-Date: Tue, 1 Jan 2019 20:11:46 +1100 >-Subject: src/wav.c: Fix heap read overflow >- >-This is CVE-2018-19758. >- >-Closes: https://github.com/erikd/libsndfile/issues/435 >---- >- src/wav.c | 4 +++- >- 1 file changed, 3 insertions(+), 1 deletion(-) >- >-diff --git a/src/wav.c b/src/wav.c >-index 4b943dc..59015a1 100644 >---- src/wav.c >-+++ src/wav.c >-@@ -1,5 +1,5 @@ >- /* >--** Copyright (C) 1999-2016 Erik de Castro Lopo <erikd@mega-nerd.com> >-+** Copyright (C) 1999-2019 Erik de Castro Lopo <erikd@mega-nerd.com> >- ** Copyright (C) 2004-2005 David Viens <davidv@plogue.com> >- ** >- ** This program is free software; you can redistribute it and/or modify >-@@ -1094,6 +1094,8 @@ wav_write_header (SF_PRIVATE *psf, int calc_length) >- psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */ >- psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ; >- >-+ /* Loop count is signed 16 bit number so we limit it range to something sensible. */ >-+ psf->instrument->loop_count &= 0x7fff ; >- for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) >- { int type ; >- >diff --git a/audio/libsndfile/files/patch-Check-MAX_CHANNELS-in-sndfile-deinterleave b/audio/libsndfile/files/patch-Check-MAX_CHANNELS-in-sndfile-deinterleave >deleted file mode 100644 >index 8636f4a92e2f..000000000000 >--- a/audio/libsndfile/files/patch-Check-MAX_CHANNELS-in-sndfile-deinterleave >+++ /dev/null >@@ -1,30 +0,0 @@ >-From: "Brett T. Warden" <brett.t.warden@intel.com> >-Date: Tue, 28 Aug 2018 12:01:17 -0700 >-Subject: Check MAX_CHANNELS in sndfile-deinterleave >- >-Allocated buffer has space for only 16 channels. Verify that input file >-meets this limit. >- >-Fixes #397 >---- >- programs/sndfile-deinterleave.c | 7 +++++++ >- 1 file changed, 7 insertions(+) >- >-diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c >-index e27593e..cb497e1 100644 >---- programs/sndfile-deinterleave.c >-+++ programs/sndfile-deinterleave.c >-@@ -89,6 +89,13 @@ main (int argc, char **argv) >- exit (1) ; >- } ; >- >-+ if (sfinfo.channels > MAX_CHANNELS) >-+ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n", >-+ argv [1], sfinfo.channels, MAX_CHANNELS) ; >-+ exit (1) ; >-+ } ; >-+ >-+ >- state.channels = sfinfo.channels ; >- sfinfo.channels = 1 ; >- >diff --git a/audio/libsndfile/files/patch-cmake_SndFileChecks.cmake b/audio/libsndfile/files/patch-cmake_SndFileChecks.cmake >new file mode 100644 >index 000000000000..34a26b5a9941 >--- /dev/null >+++ b/audio/libsndfile/files/patch-cmake_SndFileChecks.cmake >@@ -0,0 +1,14 @@ >+--- cmake/SndFileChecks.cmake.orig 2020-06-20 08:18:11 UTC >++++ cmake/SndFileChecks.cmake >+@@ -22,11 +22,6 @@ else () >+ endif () >+ set (SF_COUNT_MAX 0x7fffffffffffffffll) >+ >+-if (NOT WIN32) >+- find_package (ALSA) >+- find_package (Sndio) >+-endif () >+- >+ if (VCPKG_TOOLCHAIN AND (NOT CMAKE_VERSION VERSION_LESS 3.15)) >+ set (CMAKE_FIND_PACKAGE_PREFER_CONFIG ON) >+ endif () >diff --git a/audio/libsndfile/files/patch-rf64_arm b/audio/libsndfile/files/patch-rf64_arm >deleted file mode 100644 >index 17ea45eb0e6f..000000000000 >--- a/audio/libsndfile/files/patch-rf64_arm >+++ /dev/null >@@ -1,49 +0,0 @@ >-From: Erik de Castro Lopez <erikd@mega-nerd.com> >-Date: Tue, 20 Jun 2017 00:00:00 +0200 >-Subject: fix RF64 on armel/armhf archs >- >-Origin: upstream >-Applied-Upstream: 9d470ee5577d3ccedb1c28c7e0a7295ba17feaf5 >-Last-Update: 2017-06-20 >---- >- src/rf64.c | 11 +++++++++-- >- 1 file changed, 9 insertions(+), 2 deletions(-) >- >-diff --git a/src/rf64.c b/src/rf64.c >-index c373bb0..60a3309 100644 >---- src/rf64.c >-+++ src/rf64.c >-@@ -339,6 +339,12 @@ rf64_read_header (SF_PRIVATE *psf, int *blockalign, int *framesperblock) >- } ; >- break ; >- >-+ case JUNK_MARKER : >-+ case PAD_MARKER : >-+ psf_log_printf (psf, "%M : %d\n", marker, chunk_size) ; >-+ psf_binheader_readf (psf, "j", chunk_size) ; >-+ break ; >-+ >- default : >- if (chunk_size >= 0xffff0000) >- { psf_log_printf (psf, "*** Unknown chunk marker (%X) at position %D with length %u. Exiting parser.\n", marker, psf_ftell (psf) - 8, chunk_size) ; >-@@ -659,7 +665,7 @@ rf64_write_header (SF_PRIVATE *psf, int calc_length) >- >- if (wpriv->rf64_downgrade && psf->filelength < RIFF_DOWNGRADE_BYTES) >- { psf_binheader_writef (psf, "etm8m", RIFF_MARKER, (psf->filelength < 8) ? 8 : psf->filelength - 8, WAVE_MARKER) ; >-- psf_binheader_writef (psf, "m4884", JUNK_MARKER, 20, 0, 0, 0, 0) ; >-+ psf_binheader_writef (psf, "m4z", JUNK_MARKER, 24, 24) ; >- add_fact_chunk = 1 ; >- } >- else >-@@ -735,9 +741,10 @@ rf64_write_header (SF_PRIVATE *psf, int calc_length) >- >- #endif >- >-+ /* Padding may be needed if string data sizes change. */ >- pad_size = psf->dataoffset - 16 - psf->header.indx ; >- if (pad_size >= 0) >-- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ; >-+ psf_binheader_writef (psf, "m4z", PAD_MARKER, (unsigned int) pad_size, make_size_t (pad_size)) ; >- >- if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES)) >- psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ; >diff --git a/audio/libsndfile/files/patch-typos b/audio/libsndfile/files/patch-typos >deleted file mode 100644 >index 244fe27a9ce7..000000000000 >--- a/audio/libsndfile/files/patch-typos >+++ /dev/null >@@ -1,67 +0,0 @@ >-From: IOhannes m zmoelnig <umlaeute@debian.org> >-Date: Wed, 5 Oct 2016 00:00:00 +0200 >-Subject: fixed spelling errors >- >-Forwarded: yes >-Last-Update: 2016-10-05 >- >-discovered by lintian >---- >- doc/bugs.html | 2 +- >- programs/sndfile-convert.c | 2 +- >- src/ogg.c | 2 +- >- src/wavlike.c | 2 +- >- 4 files changed, 4 insertions(+), 4 deletions(-) >- >-diff --git a/doc/bugs.html b/doc/bugs.html >-index 3a441fe..addedb8 100644 >---- doc/bugs.html >-+++ doc/bugs.html >-@@ -31,7 +31,7 @@ >- <UL> >- <LI> Compilation problems on new platforms. >- <LI> Errors being detected during the `make check' process. >-- <LI> Segmentation faults occuring inside libsndfile. >-+ <LI> Segmentation faults occurring inside libsndfile. >- <LI> libsndfile hanging when opening a file. >- <LI> Supported sound file types being incorrectly read or written. >- <LI> Omissions, errors or spelling mistakes in the documentation. >-diff --git a/programs/sndfile-convert.c b/programs/sndfile-convert.c >-index dff7f79..896838f 100644 >---- programs/sndfile-convert.c >-+++ programs/sndfile-convert.c >-@@ -317,7 +317,7 @@ main (int argc, char * argv []) >- if ((sfinfo.format & SF_FORMAT_SUBMASK) == SF_FORMAT_GSM610 && sfinfo.samplerate != 8000) >- { printf ( >- "WARNING: GSM 6.10 data format only supports 8kHz sample rate. The converted\n" >-- "ouput file will contain the input data converted to the GSM 6.10 data format\n" >-+ "output file will contain the input data converted to the GSM 6.10 data format\n" >- "but not re-sampled.\n" >- ) ; >- } ; >-diff --git a/src/ogg.c b/src/ogg.c >-index 0856f77..e01ebe1 100644 >---- src/ogg.c >-+++ src/ogg.c >-@@ -193,7 +193,7 @@ ogg_stream_classify (SF_PRIVATE *psf, OGG_PRIVATE* odata) >- break ; >- } ; >- >-- psf_log_printf (psf, "This Ogg bitstream contains some uknown data type.\n") ; >-+ psf_log_printf (psf, "This Ogg bitstream contains some unknown data type.\n") ; >- return SFE_UNIMPLEMENTED ; >- } /* ogg_stream_classify */ >- >-diff --git a/src/wavlike.c b/src/wavlike.c >-index 86ebf01..c053da3 100644 >---- src/wavlike.c >-+++ src/wavlike.c >-@@ -161,7 +161,7 @@ wavlike_read_fmt_chunk (SF_PRIVATE *psf, int fmtsize) >- { psf_log_printf (psf, " Bit Width : 24\n") ; >- >- psf_log_printf (psf, "\n" >-- " Ambiguous information in 'fmt ' chunk. Possibile file types:\n" >-+ " Ambiguous information in 'fmt ' chunk. Possible file types:\n" >- " 0) Invalid IEEE float file generated by Syntrillium's Cooledit!\n" >- " 1) File generated by ALSA's arecord containing 24 bit samples in 32 bit containers.\n" >- " 2) 24 bit file with incorrect Block Align value.\n" >diff --git a/audio/libsndfile/pkg-plist b/audio/libsndfile/pkg-plist >index f2cafd0a2061..d4f64f8e2311 100644 >--- a/audio/libsndfile/pkg-plist >+++ b/audio/libsndfile/pkg-plist >@@ -10,26 +10,24 @@ bin/sndfile-play > bin/sndfile-salvage > include/sndfile.h > include/sndfile.hh >-lib/libsndfile.a >-lib/libsndfile.so >-lib/libsndfile.so.1 >-lib/libsndfile.so.1.0.28 >+lib/cmake/SndFile/SndFileConfig.cmake >+lib/cmake/SndFile/SndFileConfigVersion.cmake >+lib/cmake/SndFile/SndFileTargets-%%CMAKE_BUILD_TYPE%%.cmake >+lib/cmake/SndFile/SndFileTargets.cmake >+%%STATIC%%lib/libsndfile.a >+%%NO_STATIC%%lib/libsndfile.so >+%%NO_STATIC%%lib/libsndfile.so.1 >+%%NO_STATIC%%lib/libsndfile.so.1.0.29 > libdata/pkgconfig/sndfile.pc > man/man1/sndfile-cmp.1.gz > man/man1/sndfile-concat.1.gz > man/man1/sndfile-convert.1.gz >-man/man1/sndfile-deinterleave.1.gz > man/man1/sndfile-info.1.gz > man/man1/sndfile-interleave.1.gz > man/man1/sndfile-metadata-get.1.gz >-man/man1/sndfile-metadata-set.1.gz > man/man1/sndfile-play.1.gz > man/man1/sndfile-salvage.1.gz >-%%PORTDOCS%%%%DOCSDIR%%/AUTHORS >-%%PORTDOCS%%%%DOCSDIR%%/ChangeLog > %%PORTDOCS%%%%DOCSDIR%%/FAQ.html >-%%PORTDOCS%%%%DOCSDIR%%/NEWS >-%%PORTDOCS%%%%DOCSDIR%%/README > %%PORTDOCS%%%%DOCSDIR%%/api.html > %%PORTDOCS%%%%DOCSDIR%%/bugs.html > %%PORTDOCS%%%%DOCSDIR%%/command.html >@@ -40,6 +38,7 @@ man/man1/sndfile-salvage.1.gz > %%PORTDOCS%%%%DOCSDIR%%/lists.html > %%PORTDOCS%%%%DOCSDIR%%/new_file_type.HOWTO > %%PORTDOCS%%%%DOCSDIR%%/octave.html >+%%PORTDOCS%%%%DOCSDIR%%/print.css > %%PORTDOCS%%%%DOCSDIR%%/sndfile_info.html > %%PORTDOCS%%%%DOCSDIR%%/tutorial.html > %%PORTDOCS%%%%DOCSDIR%%/win32.html >-- >2.27.0 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 248268
: 216769