Hi everybody,

in case you are interested, attached are debdiffs to fix CVE-2021-4156 in Unstable, Bullseye and Buster. So if you think this is worth fixing, you can either use this debdiff or tell me to do the upload.

The CVE is marked as no-dsa by the security team, so the upload for Bullseye and Buster needs to go through PU ...

  Thorsten
diff -Nru libsndfile-1.0.28/debian/changelog libsndfile-1.0.28/debian/changelog
--- libsndfile-1.0.28/debian/changelog  2021-07-30 00:14:25.000000000 +0200
+++ libsndfile-1.0.28/debian/changelog  2022-06-25 22:03:02.000000000 +0200
@@ -1,3 +1,11 @@
+libsndfile (1.0.28-6+deb10u2) buster; urgency=medium
+
+  * Non-maintainer upload by the LTS Team.
+  * CVE-2021-4156
+    heap out-of-bounds read
+
+ -- Thorsten Alteholz <deb...@alteholz.de>  Sat, 25 Jun 2022 22:03:02 +0200
+
 libsndfile (1.0.28-6+deb10u1) buster-security; urgency=medium
 
   * CVE-021-3246 (Closes: #991496)
diff -Nru libsndfile-1.0.28/debian/patches/CVE-2021-4156.patch 
libsndfile-1.0.28/debian/patches/CVE-2021-4156.patch
--- libsndfile-1.0.28/debian/patches/CVE-2021-4156.patch        1970-01-01 
01:00:00.000000000 +0100
+++ libsndfile-1.0.28/debian/patches/CVE-2021-4156.patch        2022-06-25 
22:03:02.000000000 +0200
@@ -0,0 +1,22 @@
+commit ced91d7b971be6173b604154c39279ce90ad87cc
+Author: yuan <ssspee...@gmail.com>
+Date:   Tue Apr 20 16:16:32 2021 +0800
+
+    flac: Fix improper buffer reusing (#732)
+
+Index: libsndfile-1.0.28/src/flac.c
+===================================================================
+--- libsndfile-1.0.28.orig/src/flac.c  2022-01-26 15:18:31.287793980 +0100
++++ libsndfile-1.0.28/src/flac.c       2022-01-26 15:18:31.283793984 +0100
+@@ -945,7 +945,11 @@
+       /* Decode some more. */
+       while (pflac->pos < pflac->len)
+       {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++              {       psf_log_printf (psf, 
"FLAC__stream_decoder_process_single returned false\n") ;
++                      /* Current frame is busted, so NULL the pointer. */
++                      pflac->frame = NULL ;
+                       break ;
++                      } ;
+               state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+               if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+               {       psf_log_printf (psf, "FLAC__stream_decoder_get_state 
returned %s\n", FLAC__StreamDecoderStateString [state]) ;
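Review bot: Setting `pflac->frame = NULL` when `FLAC__stream_decoder_process_single` fails only stops the stale-buffer read if every later reader of `pflac->frame` tests it for NULL, and none of those readers is visible in this hunk. This 1.0.28 copy was refreshed (offset 945 instead of 948, no function name on the `@@` line), so the buster source should be checked to confirm that the buffered-data copy at the top of the same function is guarded, along the lines of `if (pflac->frame != NULL && ...)`. Without that guard the change would presumably trade the heap out-of-bounds read for a NULL dereference on the next read call. The same check applies to the two 1.0.31 copies of the patch further down; the enclosing function starts and ends outside the hunk.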
diff -Nru libsndfile-1.0.28/debian/patches/series 
libsndfile-1.0.28/debian/patches/series
--- libsndfile-1.0.28/debian/patches/series     2021-07-30 00:14:25.000000000 
+0200
+++ libsndfile-1.0.28/debian/patches/series     2022-06-25 22:03:02.000000000 
+0200
@@ -11,3 +11,5 @@
 src-wav.c-Fix-heap-read-overflow.patch
 Check-MAX_CHANNELS-in-sndfile-deinterleave.patch
 CVE-2021-3246.patch
+
+CVE-2021-4156.patch
diff -Nru libsndfile-1.0.31/debian/changelog libsndfile-1.0.31/debian/changelog
--- libsndfile-1.0.31/debian/changelog  2021-07-26 23:09:17.000000000 +0200
+++ libsndfile-1.0.31/debian/changelog  2022-06-25 22:03:02.000000000 +0200
@@ -1,3 +1,11 @@
+libsndfile (1.0.31-2+deb11u1) bullseye; urgency=medium
+
+  * Non-maintainer upload by the LTS Team.
+  * CVE-2021-4156
+    heap out-of-bounds read
+
+ -- Thorsten Alteholz <deb...@alteholz.de>  Sat, 25 Jun 2022 22:03:02 +0200
+
 libsndfile (1.0.31-2) unstable; urgency=medium
 
   * Team upload
diff -Nru libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch 
libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch
--- libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch        1970-01-01 
01:00:00.000000000 +0100
+++ libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch        2022-06-25 
22:03:02.000000000 +0200
@@ -0,0 +1,22 @@
+commit ced91d7b971be6173b604154c39279ce90ad87cc
+Author: yuan <ssspee...@gmail.com>
+Date:   Tue Apr 20 16:16:32 2021 +0800
+
+    flac: Fix improper buffer reusing (#732)
+
+diff --git a/src/flac.c b/src/flac.c
+index 64d0172e..e3320450 100644
+--- a/src/flac.c
++++ b/src/flac.c
+@@ -948,7 +948,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+       /* Decode some more. */
+       while (pflac->pos < pflac->len)
+       {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++              {       psf_log_printf (psf, 
"FLAC__stream_decoder_process_single returned false\n") ;
++                      /* Current frame is busted, so NULL the pointer. */
++                      pflac->frame = NULL ;
+                       break ;
++                      } ;
+               state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+               if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+               {       psf_log_printf (psf, "FLAC__stream_decoder_get_state 
returned %s\n", FLAC__StreamDecoderStateString [state]) ;
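Review bot: The patch header records only the upstream commit, author and subject, so nothing inside the patch file links it to CVE-2021-4156 or states its origin; the buster and unstable copies have the same gap. DEP-3 fields ahead of the diff would make it traceable from the package alone, for example `Origin: upstream, commit:ced91d7b971be6173b604154c39279ce90ad87cc` and `Description: flac: drop the current frame when decoding fails (CVE-2021-4156)`. The upstream subject "Fix improper buffer reusing" does not mention the out-of-bounds read, so a one-line description of the effect helps anyone auditing the patch series later.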
diff -Nru libsndfile-1.0.31/debian/patches/series 
libsndfile-1.0.31/debian/patches/series
--- libsndfile-1.0.31/debian/patches/series     2021-07-26 23:08:08.000000000 
+0200
+++ libsndfile-1.0.31/debian/patches/series     2022-06-25 22:03:02.000000000 
+0200
@@ -1,2 +1,4 @@
 fix_typos.patch
 0002-ms_adpcm-Fix-and-extend-size-checks.patch
+
+CVE-2021-4156.patch
diff -Nru libsndfile-1.0.31/debian/changelog libsndfile-1.0.31/debian/changelog
--- libsndfile-1.0.31/debian/changelog  2021-07-26 23:09:17.000000000 +0200
+++ libsndfile-1.0.31/debian/changelog  2022-06-25 18:03:02.000000000 +0200
@@ -1,3 +1,11 @@
+libsndfile (1.0.31-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2021-4156
+    heap out-of-bounds read
+
+ -- Thorsten Alteholz <deb...@alteholz.de>  Sat, 25 Jun 2022 18:03:02 +0200
+
 libsndfile (1.0.31-2) unstable; urgency=medium
 
   * Team upload
diff -Nru libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch 
libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch
--- libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch        1970-01-01 
01:00:00.000000000 +0100
+++ libsndfile-1.0.31/debian/patches/CVE-2021-4156.patch        2022-06-25 
18:03:02.000000000 +0200
@@ -0,0 +1,22 @@
+commit ced91d7b971be6173b604154c39279ce90ad87cc
+Author: yuan <ssspee...@gmail.com>
+Date:   Tue Apr 20 16:16:32 2021 +0800
+
+    flac: Fix improper buffer reusing (#732)
+
+diff --git a/src/flac.c b/src/flac.c
+index 64d0172e..e3320450 100644
+--- a/src/flac.c
++++ b/src/flac.c
+@@ -948,7 +948,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len)
+       /* Decode some more. */
+       while (pflac->pos < pflac->len)
+       {       if (FLAC__stream_decoder_process_single (pflac->fsd) == 0)
++              {       psf_log_printf (psf, 
"FLAC__stream_decoder_process_single returned false\n") ;
++                      /* Current frame is busted, so NULL the pointer. */
++                      pflac->frame = NULL ;
+                       break ;
++                      } ;
+               state = FLAC__stream_decoder_get_state (pflac->fsd) ;
+               if (state >= FLAC__STREAM_DECODER_END_OF_STREAM)
+               {       psf_log_printf (psf, "FLAC__stream_decoder_get_state 
returned %s\n", FLAC__StreamDecoderStateString [state]) ;
diff -Nru libsndfile-1.0.31/debian/patches/series 
libsndfile-1.0.31/debian/patches/series
--- libsndfile-1.0.31/debian/patches/series     2021-07-26 23:08:08.000000000 
+0200
+++ libsndfile-1.0.31/debian/patches/series     2022-06-25 18:03:02.000000000 
+0200
@@ -1,2 +1,4 @@
 fix_typos.patch
 0002-ms_adpcm-Fix-and-extend-size-checks.patch
+
+CVE-2021-4156.patch
