1 From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001
2 From: Erik de Castro Lopo <erikd@mega-nerd.com>
3 Date: Wed, 12 Apr 2017 19:45:30 +1000
4 Subject: [PATCH] FLAC: Fix a buffer read overrun
5 References: CVE-2017-8361 CVE-2017-8363 CVE-2017-8365 bsc#1036944 bsc#1036945 bsc#1036946
6
7 Buffer read overrun occurs when reading a FLAC file that switches
8 from 2 channels to one channel mid-stream. Only option is to
9 abort the read.
10
11 Closes: https://github.com/erikd/libsndfile/issues/230
12
13 ---
14 src/common.h | 1 +
15 src/flac.c | 13 +++++++++++++
16 src/sndfile.c | 1 +
17 3 files changed, 15 insertions(+)
18
19 --- a/src/common.h
20 +++ b/src/common.h
21 @@ -725,6 +725,7 @@ enum
22 SFE_FLAC_INIT_DECODER,
23 SFE_FLAC_LOST_SYNC,
24 SFE_FLAC_BAD_SAMPLE_RATE,
25 + SFE_FLAC_CHANNEL_COUNT_CHANGED,
26 SFE_FLAC_UNKOWN_ERROR,
27
28 SFE_WVE_NOT_WVE,
29 --- a/src/flac.c
30 +++ b/src/flac.c
31 @@ -435,6 +435,19 @@ sf_flac_meta_callback (const FLAC__Strea
32
33 switch (metadata->type)
34 { case FLAC__METADATA_TYPE_STREAMINFO :
35 + if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
36 + { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
37 + "Nothing to be but to error out.\n" ,
38 + psf->sf.channels, metadata->data.stream_info.channels) ;
39 + psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
40 + return ;
41 + } ;
42 +
43 + if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate)
44 + { psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n"
45 + "Carrying on as if nothing happened.",
46 + psf->sf.samplerate, metadata->data.stream_info.sample_rate) ;
47 + } ;
48 psf->sf.channels = metadata->data.stream_info.channels ;
49 psf->sf.samplerate = metadata->data.stream_info.sample_rate ;
50 psf->sf.frames = metadata->data.stream_info.total_samples ;
51 --- a/src/sndfile.c
52 +++ b/src/sndfile.c
53 @@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] =
54 { SFE_FLAC_INIT_DECODER , "Error : problem with initialization of the flac decoder." },
55 { SFE_FLAC_LOST_SYNC , "Error : flac decoder lost sync." },
56 { SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." },
57 + { SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." },
58 { SFE_FLAC_UNKOWN_ERROR , "Error : unknown error in flac decoder." },
59
60 { SFE_WVE_NOT_WVE , "Error : not a WVE file." },
|
