Package: libsndfile / 1.0.28-6

CVE-2017-8363.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
From: Erik de Castro Lopez <erikd@mega-nerd.com>
Date: Sun, 28 May 2017 00:00:00 +0200
Subject: fixing another memory leak in FLAC code

Origin: upstream
Applied-Upstream: https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8 & https://github.com/erikd/libsndfile/commit/5206a9b65e61598fde44d276c81b0585bc428562
Last-Update: 2017-05-28

CVE-2017-8363
---
 src/flac.c | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/src/flac.c b/src/flac.c
index aad7920..5a4f8c2 100644
--- a/src/flac.c
+++ b/src/flac.c
@@ -430,8 +430,7 @@ sf_flac_meta_get_vorbiscomments (SF_PRIVATE *psf, const FLAC__StreamMetadata *me
 static void
 sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC__StreamMetadata *metadata, void *client_data)
 {	SF_PRIVATE *psf = (SF_PRIVATE*) client_data ;
-	FLAC_PRIVATE* pflac = (FLAC_PRIVATE*) psf->codec_data ;
-	int bitwidth = 0, i ;
+	int bitwidth = 0 ;
 
 	switch (metadata->type)
 	{	case FLAC__METADATA_TYPE_STREAMINFO :
@@ -481,12 +480,6 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_
 
 			if (bitwidth > 0)
 				psf_log_printf (psf, "  Bit width   : %d\n", bitwidth) ;
-
-
-			for (i = 0 ; i < psf->sf.channels ; i++)
-				pflac->rbuffer [i] = calloc (FLAC__MAX_BLOCK_SIZE, sizeof (int32_t)) ;
-
-			pflac->wbuffer = (const int32_t* const*) pflac->rbuffer ;
 			break ;
 
 		case FLAC__METADATA_TYPE_VORBIS_COMMENT :
@@ -848,7 +841,9 @@ flac_read_header (SF_PRIVATE *psf)
 
 	psf_log_printf (psf, "End\n") ;
 
-	if (psf->error == 0)
+	if (psf->error != 0)
+		FLAC__stream_decoder_delete (pflac->fsd) ;
+	else
 	{	FLAC__uint64 position ;
 
 		FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ;