diff options
| author | Efraim Flashner <efraim@flashner.co.il> | 2021-03-24 15:28:33 +0200 |
|---|---|---|
| committer | Efraim Flashner <efraim@flashner.co.il> | 2021-03-24 20:50:44 +0200 |
| commit | 2aab587f842908a886e3bd08b028885dddd650e0 (patch) | |
| tree | 87c0723a9ae2c69ab6920d90b6e87ad8510492fe /gnu/packages/patches/mpg321-CVE-2019-14247.patch | |
| parent | 5664bcdcb0e4c10dfe48dd5e4730fc3c746a21e2 (diff) | |
| parent | 65c46e79e0495fe4d32f6f2725d7233fff10fd70 (diff) | |
| download | guix-2aab587f842908a886e3bd08b028885dddd650e0.tar.gz guix-2aab587f842908a886e3bd08b028885dddd650e0.zip | |
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu/packages/patches/mpg321-CVE-2019-14247.patch')
| -rw-r--r-- | gnu/packages/patches/mpg321-CVE-2019-14247.patch | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/gnu/packages/patches/mpg321-CVE-2019-14247.patch b/gnu/packages/patches/mpg321-CVE-2019-14247.patch new file mode 100644 index 0000000000..03afaccc67 --- /dev/null +++ b/gnu/packages/patches/mpg321-CVE-2019-14247.patch @@ -0,0 +1,23 @@ +This patch was downloaded from https://sourceforge.net/p/mpg321/bugs/51/ and +fixes CVE-2019-14247. + +Description: Handle illegal bitrate value +Author: Chrysostomos Nanakos <cnanakos@debian.org> +Bug-Debian: https://bugs.debian.org/870406 +Bug-Debian: https://bugs.debian.org/887057 + +--- mpg321-0.3.2.orig/mad.c ++++ mpg321-0.3.2/mad.c +@@ -574,6 +574,12 @@ void scan(void const *ptr, ssize_t len, + + if (!is_vbr) + { ++ if (header.bitrate <= 0) ++ { ++ fprintf(stderr, "Illegal bit allocation value\n"); ++ return; ++ } ++ + double time = (len * 8.0) / (header.bitrate); /* time in seconds */ + double timefrac = (double)time - ((long)(time)); + long nsamples = 32 * MAD_NSBSAMPLES(&header); /* samples per frame */ |