commit 6e1f3704c257f236c83c29def8b4d103320c1efc Author: Nicolas Chauvet <kwizart(a)gmail.com&gt; Date: Fri Jun 7 09:52:52 2019 +0200 Fix security issue faad2-fix-overflows.patch | 25 +++++++++++++++++++++++++ faad2.spec | 7 ++++++- 2 files changed, 31 insertions(+), 1 deletion(-) --- diff --git a/faad2-fix-overflows.patch b/faad2-fix-overflows.patch new file mode 100644 index 0000000..5a198f8 --- /dev/null +++ b/faad2-fix-overflows.patch @@ -0,0 +1,25 @@ +--- faad2/libfaad/bits.c 2007-11-01 13:33:29.000000000 +0100 ++++ faad2.new/libfaad/bits.c 2019-03-25 17:29:26.134199188 +0100 +@@ -167,7 +167,10 @@ + int words = bits >> 5; + int remainder = bits & 0x1F; + +- ld->bytes_left = ld->buffer_size - words*4; ++ if (ld->buffer_size < words * 4) ++ ld->bytes_left = 0; ++ else ++ ld->bytes_left = ld->buffer_size - words*4; + + if (ld->bytes_left >= 4) + { +--- faad2/libfaad/syntax.c 2019-03-25 17:57:36.930937066 +0100 ++++ faad2.new/libfaad/syntax.c 2019-03-25 17:49:26.135368525 +0100 +@@ -2292,6 +2292,8 @@ + while ((drc->additional_excluded_chns[n-1] = faad_get1bit(ld + DEBUGVAR(1,104,"excluded_channels(): additional_excluded_chns"))) == 1) + { ++ if (i >= MAX_CHANNELS - num_excl_chan - 7) ++ return n; + for (i = num_excl_chan; i < num_excl_chan+7; i++) + { + drc->exclude_mask[i] = faad_get1bit(ld diff --git a/faad2.spec b/faad2.spec index fd691c4..4eeda01 100644 --- a/faad2.spec +++ b/faad2.spec @@ -4,13 +4,15 @@ Summary: Library and frontend for decoding MPEG2/4 AAC Name: faad2 Epoch: 1 Version: 2.8.8 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ URL: http://www.audiocoding.com/faad2.html Source: http://downloads.sourceforge.net/sourceforge/faac/%{name}-%{version}.tar.gz # fix non-PIC objects in libmp4ff.a Patch0: %{name}-pic.patch Patch1: fix_undefined_version.patch +# Security issue from videolan contribs +Patch2: faad2-fix-overflows.patch BuildRequires: gcc-c++ BuildRequires: id3lib-devel @@ -98,6 +100,9 @@ find $RPM_BUILD_ROOT -name '*.la' -or -name '*.a' | xargs rm -f %{xmmsinputplugindir}/libmp4.so %changelog +* Fri Jun 07 2019 Nicolas Chauvet <kwizart(a)gmail.com&gt; - 1:2.8.8-6 +- Fix overflows + * Mon Mar 04 2019 RPM Fusion Release Engineering <leigh123linux(a)gmail.com&gt; - 1:2.8.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild