commit a9050414bf59fdecf322cbbf340c348f35b42fee Author: Nicolas Chauvet <kwizart(a)gmail.com&gt; Date: Fri Jun 7 10:42:10 2019 +0200 Fix overflow on 2.7 faad2-fix-overflows.patch | 25 +++++++++++++++++++++++++ faad2.spec | 7 ++++++- 2 files changed, 31 insertions(+), 1 deletion(-) --- diff --git a/faad2-fix-overflows.patch b/faad2-fix-overflows.patch new file mode 100644 index 0000000..5a198f8 --- /dev/null +++ b/faad2-fix-overflows.patch @@ -0,0 +1,25 @@ +--- faad2/libfaad/bits.c 2007-11-01 13:33:29.000000000 +0100 ++++ faad2.new/libfaad/bits.c 2019-03-25 17:29:26.134199188 +0100 +@@ -167,7 +167,10 @@ + int words = bits >> 5; + int remainder = bits & 0x1F; + +- ld->bytes_left = ld->buffer_size - words*4; ++ if (ld->buffer_size < words * 4) ++ ld->bytes_left = 0; ++ else ++ ld->bytes_left = ld->buffer_size - words*4; + + if (ld->bytes_left >= 4) + { +--- faad2/libfaad/syntax.c 2019-03-25 17:57:36.930937066 +0100 ++++ faad2.new/libfaad/syntax.c 2019-03-25 17:49:26.135368525 +0100 +@@ -2292,6 +2292,8 @@ + while ((drc->additional_excluded_chns[n-1] = faad_get1bit(ld + DEBUGVAR(1,104,"excluded_channels(): additional_excluded_chns"))) == 1) + { ++ if (i >= MAX_CHANNELS - num_excl_chan - 7) ++ return n; + for (i = num_excl_chan; i < num_excl_chan+7; i++) + { + drc->exclude_mask[i] = faad_get1bit(ld diff --git a/faad2.spec b/faad2.spec index 6ec344b..1845b25 100644 --- a/faad2.spec +++ b/faad2.spec @@ -12,13 +12,15 @@ Summary: Library and frontend for decoding MPEG2/4 AAC Name: faad2 Epoch: 1 Version: 2.7 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2+ Group: Applications/Multimedia URL: http://www.audiocoding.com/faad2.html Source: http://downloads.sourceforge.net/faac/%{name}-%{version}.tar.bz2 # fix non-PIC objects in libmp4ff.a Patch0: %{name}-pic.patch +# Security issue from videolan contribs +Patch1: faad2-fix-overflows.patch BuildRequires: gcc-c++ BuildRequires: id3lib-devel @@ -120,6 +122,9 @@ sed -i.rpath 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool %{xmmsinputplugindir}/libmp4.so %changelog +* Fri Jun 07 2019 Nicolas Chauvet <kwizart(a)gmail.com&gt; - 1:2.7-9 +- Fix overflows + * Tue Aug 23 2016 Nicolas Chauvet <nicolas.chauvet(a)kwizart.fr&gt; - 1:2.7-8 - Bump for dist