diff options
| author |   Andreas Sturmlechner <asturm@gentoo.org> | 2017-12-25 13:47:15 +0100 |
|---|---|---|
| committer | Andreas Sturmlechner <asturm@gentoo.org> | 2017-12-25 14:53:02 +0100 |
| commit | 6859a8b699efc9cd61a9eede139220391494d14b (patch) | |
| tree | 47590b2d4765fb846671e4c5afd7485922f3fad9 /media-libs | |
| parent | media-libs/libextractor: Fix USE=tidy (diff) | |
| download | gentoo-6859a8b699efc9cd61a9eede139220391494d14b.tar.gz gentoo-6859a8b699efc9cd61a9eede139220391494d14b.tar.bz2 gentoo-6859a8b699efc9cd61a9eede139220391494d14b.zip | |
media-libs/libextractor: Patch CVE-2017-17440
Bug: https://bugs.gentoo.org/635362
Package-Manager: Portage-2.3.19, Repoman-2.3.6
Diffstat (limited to 'media-libs')
| -rw-r--r-- | media-libs/libextractor/files/libextractor-1.6-CVE-2017-17440.patch | 125 | ||||
| -rw-r--r-- | media-libs/libextractor/libextractor-1.6.ebuild | 2 |
2 files changed, 127 insertions, 0 deletions
diff --git a/media-libs/libextractor/files/libextractor-1.6-CVE-2017-17440.patch b/media-libs/libextractor/files/libextractor-1.6-CVE-2017-17440.patch new file mode 100644 index 000000000000..1870375664de --- /dev/null +++ b/media-libs/libextractor/files/libextractor-1.6-CVE-2017-17440.patch @@ -0,0 +1,125 @@ +From 7cc63b001ceaf81143795321379c835486d0c92e Mon Sep 17 00:00:00 2001 +From: Christian Grothoff <christian@grothoff.org> +Date: Wed, 1 Nov 2017 09:07:35 +0100 +Subject: fix misc NULL pointer exceptions + +--- + src/include/extractor.h | 2 +- + src/plugins/gif_extractor.c | 16 +++++++++------- + src/plugins/it_extractor.c | 6 +++--- + src/plugins/nsfe_extractor.c | 8 ++++---- + src/plugins/s3m_extractor.c | 2 +- + src/plugins/sid_extractor.c | 24 ++++++++++++------------ + src/plugins/xm_extractor.c | 8 ++++---- + 21 files changed, 169 insertions(+), 162 deletions(-) + +* asturm: Cleaned up unrelated whitespace and translations changes. + +diff --git a/src/include/extractor.h b/src/include/extractor.h +index 0325dc6..782134b 100644 +--- a/src/include/extractor.h ++++ b/src/include/extractor.h +@@ -35,7 +35,7 @@ extern "C" { + * 0.2.6-1 => 0x00020601 + * 4.5.2-0 => 0x04050200 + */ +-#define EXTRACTOR_VERSION 0x01060000 ++#define EXTRACTOR_VERSION 0x01060001 + + #include <stdio.h> + +diff --git a/src/plugins/gif_extractor.c b/src/plugins/gif_extractor.c +index aae2b82..8ee5807 100644 +@@ -122,6 +122,8 @@ EXTRACTOR_gif_extract_method (struct EXTRACTOR_ExtractContext *ec) + if (GIF_OK != + DGifGetExtension (gif_file, &et, &ext)) + continue; ++ if (NULL == ext) ++ continue; + if (COMMENT_EXT_FUNC_CODE == et) + { + ec->proc (ec->cls, +--- a/src/plugins/it_extractor.c ++++ b/src/plugins/it_extractor.c +@@ -70,7 +70,7 @@ EXTRACTOR_it_extract_method (struct EXTRACTOR_ExtractContext *ec) + char itversion[8]; + const struct Header *head; + +- if (HEADER_SIZE > ++ if ((ssize_t) HEADER_SIZE > + ec->read (ec->cls, + &data, + HEADER_SIZE)) +--- a/src/plugins/nsfe_extractor.c ++++ b/src/plugins/nsfe_extractor.c +@@ -175,7 +175,7 @@ info_extract (struct EXTRACTOR_ExtractContext *ec, + + if (size < 8) + return 0; +- if (size > ++ if ((ssize_t) size > + ec->read (ec->cls, + &data, + size)) +@@ -243,7 +243,7 @@ tlbl_extract (struct EXTRACTOR_ExtractContext *ec, + void *data; + const char *cdata; + +- if (size > ++ if ((ssize_t) size > + ec->read (ec->cls, + &data, + size)) +@@ -285,7 +285,7 @@ auth_extract (struct EXTRACTOR_ExtractContext *ec, + + if (left < 1) + return 0; +- if (size > ++ if ((ssize_t) size > + ec->read (ec->cls, + &data, + size)) +@@ -342,7 +342,7 @@ EXTRACTOR_nsfe_extract_method (struct EXTRACTOR_ExtractContext *ec) + uint32_t chunksize; + int ret; + +- if (sizeof (struct header) > ++ if ((ssize_t) sizeof (struct header) > + ec->read (ec->cls, + &data, + sizeof (struct header))) +--- a/src/plugins/s3m_extractor.c ++++ b/src/plugins/s3m_extractor.c +@@ -80,7 +80,7 @@ EXTRACTOR_s3m_extract_method (struct EXTRACTOR_ExtractContext *ec) + struct S3MHeader header; + char song_name_NT[29]; + +- if (sizeof (header) > ++ if ((ssize_t) sizeof (header) > + ec->read (ec->cls, + &data, + sizeof (header))) +--- a/src/plugins/sid_extractor.c ++++ b/src/plugins/sid_extractor.c +@@ -176,7 +176,7 @@ EXTRACTOR_sid_extract_method (struct EXTRACTOR_ExtractContext *ec) + const struct header *head; + void *data; + +- if (sizeof (struct header) > ++ if ((ssize_t) sizeof (struct header) > + ec->read (ec->cls, + &data, + sizeof (struct header))) +--- a/src/plugins/xm_extractor.c ++++ b/src/plugins/xm_extractor.c +@@ -70,7 +70,7 @@ EXTRACTOR_xm_extract_method (struct EXTRACTOR_ExtractContext *ec) + char xmversion[8]; + size_t n; + +- if (sizeof (struct Header) > ++ if ((ssize_t) sizeof (struct Header) > + ec->read (ec->cls, + &data, + sizeof (struct Header))) +-- +cgit v1.1 diff --git a/media-libs/libextractor/libextractor-1.6.ebuild b/media-libs/libextractor/libextractor-1.6.ebuild index c30658fc5c07..db1013736cfd 100644 --- a/media-libs/libextractor/libextractor-1.6.ebuild +++ b/media-libs/libextractor/libextractor-1.6.ebuild @@ -57,6 +57,8 @@ RDEPEND="${COMMON_DEPEND} !sci-biology/glimmer " +PATCHES=( "${FILESDIR}/${P}-CVE-2017-17440.patch" ) + src_prepare() { default |