
Annotation of pkgsrc/audio/taglib/patches/patch-CVE-2017-12678, Revision 1.1.2.2

1.1.2.2 ! bsiegert    1: $NetBSD: patch-CVE-2017-12678,v 1.1 2019/07/18 09:36:37 nia Exp $
        !             2:
        !             3: Fix CVE-2017-12678
        !             4:
        !             5: In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp
        !             6: has a pointer to cast vulnerability, which allows remote attackers to cause a
        !             7: denial of service or possibly have unspecified other impact via a crafted
        !             8: audio file.
        !             9:
        !            10: Upstream commit:
        !            11: https://github.com/taglib/taglib/commit/cb9f07d9dcd791b63e622da43f7b232adaec0a9a
        !            12:
        !            13: --- taglib/mpeg/id3v2/id3v2framefactory.cpp.orig       2016-10-24 03:03:23.000000000 +0000
        !            14: +++ taglib/mpeg/id3v2/id3v2framefactory.cpp
        !            15: @@ -334,10 +334,11 @@ void FrameFactory::rebuildAggregateFrame
        !            16:       tag->frameList("TDAT").size() == 1)
        !            17:    {
        !            18:      TextIdentificationFrame *tdrc =
        !            19: -      static_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
        !            20: +      dynamic_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
        !            21:      UnknownFrame *tdat = static_cast<UnknownFrame *>(tag->frameList("TDAT").front());
        !            22:
        !            23: -    if(tdrc->fieldList().size() == 1 &&
        !            24: +    if(tdrc &&
        !            25: +       tdrc->fieldList().size() == 1 &&
        !            26:         tdrc->fieldList().front().size() == 4 &&
        !            27:         tdat->data().size() >= 5)
        !            28:      {
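
Review bot: The `tdat` pointer on the line right after the changed cast is still obtained with `static_cast<UnknownFrame *>(tag->frameList("TDAT").front())` and is dereferenced in the same condition (`tdat->data().size() >= 5`) with no type or null check. The hunk guards only `tdrc`, so if the first TDAT frame in a crafted file is not actually an `UnknownFrame`, the same kind of type confusion remains on that pointer. Suggest converting it to `dynamic_cast<UnknownFrame *>` and adding `tdat &&` to the condition alongside `tdrc &&`, or adding a comment that states why a TDAT frame is guaranteed to be an `UnknownFrame` at this point.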
