Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory:Rebuild
opusfile
opusfile-CVE-2022-47021.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File opusfile-CVE-2022-47021.patch of Package opusfile
From 0a4cd796df5b030cb866f3f4a5e41a4b92caddf5 Mon Sep 17 00:00:00 2001 From: Ralph Giles <giles@thaumas.net> Date: Tue, 6 Sep 2022 19:04:31 -0700 Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer. Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns a null pointer. This allows more graceful recovery by the caller in the unlikely event of a fallible ogg_malloc call. We do check the return value elsewhere in the code, so the new checks make the code more consistent. Thanks to https://github.com/xiph/opusfile/issues/36 for reporting. Signed-off-by: Timothy B. Terriberry <tterribe@xiph.org> Signed-off-by: Mark Harris <mark.hsj@gmail.com> --- src/opusfile.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/opusfile.c b/src/opusfile.c index ca219b2..3c3c81e 100644 --- a/src/opusfile.c +++ b/src/opusfile.c @@ -148,6 +148,7 @@ static int op_get_data(OggOpusFile *_of,int _nbytes){ int nbytes; OP_ASSERT(_nbytes>0); buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes); + if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT; nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes); OP_ASSERT(nbytes<=_nbytes); if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes); @@ -1527,6 +1528,7 @@ static int op_open1(OggOpusFile *_of, if(_initial_bytes>0){ char *buffer; buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes); + if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT; memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer)); ogg_sync_wrote(&_of->oy,(long)_initial_bytes); }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor