From 519c27a2bf0a693b43ce59a8376c6395b8427394 Mon Sep 17 00:00:00 2001
From: ltx
Date: Thu, 14 May 2020 21:37:09 +0800
Subject: [PATCH 1/3] add fix-memory-leak-on-opening-corrupted-files.patch.
---
 ...mory-leak-on-opening-corrupted-files.patch | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 fix-memory-leak-on-opening-corrupted-files.patch
diff --git a/fix-memory-leak-on-opening-corrupted-files.patch b/fix-memory-leak-on-opening-corrupted-files.patch
new file mode 100644
index 0000000..2f95ee2
--- /dev/null
+++ b/fix-memory-leak-on-opening-corrupted-files.patch
@@ -0,0 +1,21 @@
+commit cba2f967ebcc7e15d0f33e4219a1e04e2a6fc41e
+Author: David Bryant
+Date: Sun Dec 8 12:06:19 2019 -0800
+
+ fix possible memory leak on opening corrupted files
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index 170c6eb..dfb7cf6 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -177,6 +177,11 @@ WavpackContext *WavpackOpenFileInputEx64 (WavpackStreamReader64 *reader, void *w
+ return WavpackCloseFile (wpc);
+ }
+
++ if (!wps->wphdr.block_samples) { // free blockbuff if we're going to loop again
++ free (wps->blockbuff);
++ wps->blockbuff = NULL;
++ }
++
+ wps->init_done = TRUE;
+ }
-- Gitee
From e75592a96c7f7154854d39806fc1866a2ccaf7ad Mon Sep 17 00:00:00 2001
From: ltx
Date: Thu, 14 May 2020 21:52:32 +0800
Subject: [PATCH 2/3] fix memory leak found by fuzz
---
 wavpack.spec | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/wavpack.spec b/wavpack.spec
index 49521cc..ac1b7e0 100644
--- a/wavpack.spec
+++ b/wavpack.spec
@@ -1,6 +1,6 @@
 Name: wavpack
 Version: 5.1.0
-Release: 11
+Release: 12
 Summary: Hybrid Lossless Wavefile Compressor
 License: BSD
 Url: http://www.wavpack.com/
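Review bot: The block added before `wps->init_done = TRUE;` releases only `wps->blockbuff`, and both the allocation it pairs with and the loop condition it repeats lie outside this hunk, so it cannot be confirmed from here that no other buffer filled in the same pass stays allocated or that nothing still points into the freed block when the loop runs again. Resetting the pointer to NULL is presumably what keeps the `WavpackCloseFile (wpc)` error path just above from releasing the same block twice, and the comment should say so. Because the input is an untrusted file and the leak appears to repeat once per zero-sample block, I would widen the comment to `// zero-sample block: the loop reads another block, so release this one; NULL keeps the close path from freeing it again`. A regression input taken from the fuzz run mentioned in the second commit would make the fix checkable in the package's test step, if it has one.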
@@ -14,8 +14,10 @@ Patch0004: wavpack-0005-issue-30-issue-31-issue-32-no-multiple-format-chunk
 Patch0005: wavpack-CVE-2019-11498.patch
 # make sure sample rate is specified and non-zero in DFF files
 Patch0006: CVE-2018-19841.patch
+Patch0007: fix-memory-leak-on-opening-corrupted-files.patch
 Patch6000: CVE-2018-19840.patch
+
 BuildRequires: autoconf automake libtool
 %description
@@ -72,6 +74,12 @@ autoreconf -ivf
 %{_mandir}/man1/*.1*
 %changelog
+* Sat May 14 2020 lutianxiong - 5.1.0-12
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- Fix memory leak on opening corrupted files
+
 * Sat Mar 14 2020 wangzhishun - 5.1.0-11
 - Make sure sample rate is specified and non-zero in DFF files
 - Fix potential out-of-bounds heap read
-- Gitee
From f24ea936122dcab20c681fda1dae6eb638438bef Mon Sep 17 00:00:00 2001
From: ltx
Date: Thu, 14 May 2020 21:59:53 +0800
Subject: [PATCH 3/3] delete empty line
---
 wavpack.spec | 1 -
 1 file changed, 1 deletion(-)
diff --git a/wavpack.spec b/wavpack.spec
index ac1b7e0..fc285b0 100644
--- a/wavpack.spec
+++ b/wavpack.spec
@@ -17,7 +17,6 @@ Patch0006: CVE-2018-19841.patch
 Patch0007: fix-memory-leak-on-opening-corrupted-files.patch
 Patch6000: CVE-2018-19840.patch
-
 BuildRequires: autoconf automake libtool
 %description
-- Gitee