libsndfile1: fix CVE-2021-4156

Message ID 20220222033416.2207862-1-changqing.li@windriver.com
State New

Commit Message

Changqing Li Feb. 22, 2022, 3:34 a.m. UTC
From: Changqing Li <changqing.li@windriver.com>

Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
 .../libsndfile1/CVE-2021-4156.patch           | 32 +++++++++++++++++++
 .../libsndfile/libsndfile1_1.0.28.bb          |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch

Comments

Martin Jansa Nov. 22, 2022, 10:22 a.m. UTC | #1
Is there a reason why this wasn't merged? Looks like the 1.0.31 version in
kirkstone is still affected (master has 1.1.0 now); I've sent a backport for
it now.

On Tue, Feb 22, 2022 at 4:34 AM Changqing Li <changqing.li@windriver.com>
wrote:

> From: Changqing Li <changqing.li@windriver.com>
>
> Signed-off-by: Changqing Li <changqing.li@windriver.com>
> ---
>  .../libsndfile1/CVE-2021-4156.patch           | 32 +++++++++++++++++++
>  .../libsndfile/libsndfile1_1.0.28.bb          |  1 +
>  2 files changed, 33 insertions(+)
>  create mode 100644
> meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
>
> diff --git
> a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
> b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
> new file mode 100644
> index 0000000000..b0ff1a0885
> --- /dev/null
> +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
> @@ -0,0 +1,32 @@
> +From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
> +From: Changqing Li <changqing.li@windriver.com>
> +Date: Thu, 13 Jan 2022 16:45:59 +0800
> +Subject: [PATCH] flac: Fix improper buffer reusing
> +
> +CVE: CVE-2021-4156.patch
> +Upstream-Status: Backport [
> https://github.com/libsndfile/libsndfile/issues/731]
> +
> +Signed-off-by: Changqing Li <changqing.li@windriver.com>
> +---
> + src/flac.c | 4 ++++
> + 1 file changed, 4 insertions(+)
> +
> +diff --git a/src/flac.c b/src/flac.c
> +index 0be82ac..6548bba 100644
> +--- a/src/flac.c
> ++++ b/src/flac.c
> +@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
> +       /* Decode some more. */
> +       while (pflac->pos < pflac->len)
> +       {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
> ++              {       psf_log_printf (psf,
> "FLAC__stream_decoder_process_single returned false\n") ;
> ++                      /* Current frame is busted, so NULL the pointer. */
> ++                      pflac->frame = NULL ;
> +                       break ;
> ++                }
> +               state = FLAC__stream_decoder_get_state (pflac->fsd) ;
> +               if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
> +               {       psf_log_printf (psf,
> "FLAC__stream_decoder_get_state returned %s\n",
> FLAC__StreamDecoderStateString [state]) ;
> +--
> +2.17.1
> +
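Review bot: the "CVE:" tag in the embedded patch header reads "CVE-2021-4156.patch"; it should carry the bare identifier, "CVE: CVE-2021-4156", without the file-name suffix. The "Upstream-Status: Backport" line also links to issue 731 rather than to the upstream commit being backported; linking the commit would let the backport be compared against what upstream actually merged.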
> diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
> b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
> index 443ca95e32..884d680fbe 100644
> --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
> +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
> @@ -20,6 +20,7 @@ SRC_URI = "
> http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
>             file://CVE-2017-12562.patch \
>             file://CVE-2018-19758.patch \
>             file://CVE-2019-3832.patch \
> +           file://CVE-2021-4156.patch \
>            "
>
>  SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
> --
> 2.25.1

Patch

diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
new file mode 100644
index 0000000000..b0ff1a0885
--- /dev/null
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch
@@ -0,0 +1,32 @@ 
+From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 13 Jan 2022 16:45:59 +0800
+Subject: [PATCH] flac: Fix improper buffer reusing
+
+CVE: CVE-2021-4156.patch
+Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ src/flac.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/flac.c b/src/flac.c
+index 0be82ac..6548bba 100644
+--- a/src/flac.c
++++ b/src/flac.c
+@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+ 	/* Decode some more. */
+ 	while (pflac->pos < pflac->len)
+ 	{	if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++		{	psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ;
++			/* Current frame is busted, so NULL the pointer. */
++			pflac->frame = NULL ;
+ 			break ;
++                }
+ 		state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+ 		if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+ 		{	psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ;
+-- 
+2.17.1
+
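Review bot: in the flac_read_loop hunk, the new failure branch sets "pflac->frame = NULL" before the break, but no NULL check on pflac->frame is visible in this context, so please confirm that the code running after the loop in 1.0.28 tests the pointer before reading from it; otherwise the improper buffer reuse is traded for a NULL dereference when FLAC__stream_decoder_process_single fails. A smaller point: the added closing brace is indented with spaces while the other added lines use tabs.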
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index 443ca95e32..884d680fbe 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -20,6 +20,7 @@  SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
            file://CVE-2017-12562.patch \
            file://CVE-2018-19758.patch \
            file://CVE-2019-3832.patch \
+           file://CVE-2021-4156.patch \
           "
 
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
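Review bot: the new SRC_URI entry lands in libsndfile1_1.0.28.bb, but the subject carries no branch tag and the commit message holds only the Signed-off-by line, while the thread mentions kirkstone at 1.0.31 and master at 1.1.0. Please name the target branch in the subject and add a short description of the defect and the fix to the commit message.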