Request 734688: Submit libopenmpt - openSUSE Build Service

This request is superseded by request 736008 (Show diff)

Overview

Request 734688 superseded

- Update to version 0.4.9
* [Sec] libmodplug: C API: Limit the length of strings copied to
the output buffer of ModPlug_InstrumentName() and
ModPlug_SampleName() to 32 bytes (including terminating null)
as is done by original libmodplug. This avoids potential buffer
overflows in software relying on this limit instead of querying
the required buffer size beforehand. libopenmpt can return
strings longer than 32 bytes here beacuse the internal limit of
32 bytes applies to strings encoded in arbitrary character
encodings but the API returns them converted to UTF-8, which
can be longer. (reported by Antonio Morales Maldonado of Semmle
Security Research Team) (r12129)
* [Sec] libmodplug: C++ API: Do not return 0 in
CSoundFile::GetSampleName() and CSoundFile::GetInstrumentName()
when a null output pointer is provided. This behaviour differed
from libmodplug and made it impossible to determine the
required buffer size. (r12130)
- Update to version 0.4.8:
* [Sec] Possible crash due to out-of-bounds read when playing an
OPL note with active filter in S3M or MPTM files (r12118).
- Update to version 0.4.7:
* J2B: Ignore notes with non-existing instrument
(fixes Ending.j2b)

Created by lachs0r about 5 years ago
In state superseded
Supersedes 734172
Superseded by 736008
Open review for openSUSE:Factory:Staging:G

Submit libopenmpt

Comments for request 734688 0

Login required, please login in order to comment

Request History

lachs0r created request about 5 years ago

- Update to version 0.4.9
* [Sec] libmodplug: C API: Limit the length of strings copied to
the output buffer of ModPlug_InstrumentName() and
ModPlug_SampleName() to 32 bytes (including terminating null)
as is done by original libmodplug. This avoids potential buffer
overflows in software relying on this limit instead of querying
the required buffer size beforehand. libopenmpt can return
strings longer than 32 bytes here beacuse the internal limit of
32 bytes applies to strings encoded in arbitrary character
encodings but the API returns them converted to UTF-8, which
can be longer. (reported by Antonio Morales Maldonado of Semmle
Security Research Team) (r12129)
* [Sec] libmodplug: C++ API: Do not return 0 in
CSoundFile::GetSampleName() and CSoundFile::GetInstrumentName()
when a null output pointer is provided. This behaviour differed
from libmodplug and made it impossible to determine the
required buffer size. (r12130)
- Update to version 0.4.8:
* [Sec] Possible crash due to out-of-bounds read when playing an
OPL note with active filter in S3M or MPTM files (r12118).
- Update to version 0.4.7:
* J2B: Ignore notes with non-existing instrument
(fixes Ending.j2b)

factory-auto added opensuse-review-team as a reviewer about 5 years ago

Please review sources

factory-auto accepted review about 5 years ago

Check script succeeded

licensedigger accepted review about 5 years ago

ok

staging-bot set openSUSE:Factory:Staging:G as a staging project about 5 years ago

Being evaluated by staging project "openSUSE:Factory:Staging:G"

staging-bot accepted review about 5 years ago

Picked openSUSE:Factory:Staging:G

namtrac accepted review about 5 years ago

scarabeus_iv superseded request about 5 years ago

superseded by 736008

openSUSE Build Service is sponsored by