Mageia Bugzilla – Attachment 14203 Details for Bug 32608: audiofile needs two other patches for CVE-2019-13147
[patch] 0015-Partial-fix-of-CVE-2019-13147.patch (text/plain), 1.32 KB, created by Philippe Didier on 2023-12-09 15:22:36 CET
From: =?utf-8?q?Bastien_Roucari=C3=A8s?= <rouca@debian.org> Date: Sat, 11 Nov 2023 17:43:19 +0000 Subject: Partial fix of CVE-2019-13147 This is the fix of the POC. Do not allow too many channel Now it fail with: Audio File Library: invalid file with 1633771873 channels [error 15] Could not open file 'poc' for reading. bug: https://github.com/mpruett/audiofile/issues/54 forwarded: https://github.com/mpruett/audiofile/issues/54 bug-debian-security: https://security-tracker.debian.org/tracker/CVE-2019-13147 bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931343 --- libaudiofile/NeXT.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/libaudiofile/NeXT.cpp b/libaudiofile/NeXT.cpp index c462dbe..01c967c 100644 --- a/libaudiofile/NeXT.cpp +++ b/libaudiofile/NeXT.cpp @@ -32,6 +32,7 @@ #include <stdint.h> #include <stdlib.h> #include <string.h> +#include <limits.h> #include "File.h" #include "Setup.h" @@ -122,6 +123,12 @@ status NeXTFile::readInit(AFfilesetup setup) _af_error(AF_BAD_CHANNELS, "invalid file with 0 channels"); return AF_FAIL; } + /* avoid overflow of INT for double size rate */ + if (channelCount > (INT32_MAX / (sizeof(double)))) + { + _af_error(AF_BAD_CHANNELS, "invalid file with %i channels", channelCount); + return AF_FAIL; + } Track *track = allocateTrack(); if (!track)
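Review bot: In the first hunk of libaudiofile/NeXT.cpp (@@ -32,6 +32,7 @@), the added #include <limits.h> does not supply the macro the new check relies on. INT32_MAX comes from <stdint.h>, which the context lines show is already included; <limits.h> provides INT_MAX. Either drop the new include, or write the bound with INT_MAX so that the include, the comment ("overflow of INT") and the code all refer to the same type.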
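Review bot: In the readInit hunk (@@ -122,6 +123,12 @@), the bound INT32_MAX / sizeof(double) only guarantees that channelCount * sizeof(double) fits in a signed 32-bit value. With an 8-byte double it still accepts roughly 268 million channels, so any later per-channel allocation or loop is still driven by an attacker-chosen, very large count, which matches the commit message calling this a partial fix. A small format-level maximum for channelCount would be a tighter check than an arithmetic-overflow bound. Two smaller points on the same lines: the comment "avoid overflow of INT for double size rate" should name the multiplication it protects, and because sizeof yields size_t the comparison is evaluated unsigned, so the %i in the new _af_error call should be checked against the declared type of channelCount, which is not visible in this hunk.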