diff options
Diffstat (limited to 'poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch')
-rw-r--r-- | poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch new file mode 100644 index 000000000..e526e5a34 --- /dev/null +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8363.patch @@ -0,0 +1,37 @@ +From cd7da8dbf6ee4310d21d9e44b385d6797160d9e8 Mon Sep 17 00:00:00 2001 +From: Erik de Castro Lopo <erikd@mega-nerd.com> +Date: Wed, 12 Apr 2017 20:19:34 +1000 +Subject: [PATCH] src/flac.c: Fix another memory leak + +When the FLAC decoder was passed a malformed file, the associated +`FLAC__StreamDecoder` object was not getting released. + +Closes: https://github.com/erikd/libsndfile/issues/233 + +CVE: CVE-2017-8363 + +Upstream-Status: Backport [https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8] + +Signed-off-by: Jackie Huang <jackie.huang@windriver.com> +--- + src/flac.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/flac.c b/src/flac.c +index 986a7b8..5a4f8c2 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -841,7 +841,9 @@ flac_read_header (SF_PRIVATE *psf) + + psf_log_printf (psf, "End\n") ; + +- if (psf->error == 0) ++ if (psf->error != 0) ++ FLAC__stream_decoder_delete (pflac->fsd) ; ++ else + { FLAC__uint64 position ; + + FLAC__stream_decoder_get_decode_position (pflac->fsd, &position) ; +-- +2.7.4 + |