gentoo resync : 06.05.2018

1 files changed, 41 insertions, 0 deletions

diff --git a/media-libs/libmp3splt/files/CVE-2017-15185.patch b/media-libs/libmp3splt/files/CVE-2017-15185.patch
new file mode 100644
index 000000000000..b31a92d0c452
--- /dev/null
+++ b/media-libs/libmp3splt/files/CVE-2017-15185.patch
@@ -0,0 +1,41 @@
+diff --git a/libmp3splt/plugins/ogg.c b/libmp3splt/plugins/ogg.c
+index 50cc495..57745f1 100644
+--- a/libmp3splt/plugins/ogg.c
++++ b/libmp3splt/plugins/ogg.c
+@@ -212,26 +212,36 @@ static splt_ogg_state *splt_ogg_v_new(int *error)
+     goto error;
+   }
+   memset(oggstate, 0, sizeof(splt_ogg_state));
++
+   if ((oggstate->sync_in = malloc(sizeof(ogg_sync_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->sync_in, 0, sizeof(ogg_sync_state));
++
+   if ((oggstate->stream_in = malloc(sizeof(ogg_stream_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->stream_in, 0, sizeof(ogg_stream_state));
++
+   if ((oggstate->vd = malloc(sizeof(vorbis_dsp_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vd, 0, sizeof(vorbis_dsp_state));
++
+   if ((oggstate->vi = malloc(sizeof(vorbis_info)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vi, 0, sizeof(vorbis_info));
++
+   if ((oggstate->vb = malloc(sizeof(vorbis_block)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vb, 0, sizeof(vorbis_block));
+ 
+   if ((oggstate->headers = malloc(sizeof(splt_v_packet) * TOTAL_HEADER_PACKETS))==NULL)
+   {