gentoo resync : 08.01.2021

author: V3n3RiX <venerix@redcorelinux.org> 2021-01-08 11:28:34 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2021-01-08 11:28:34 +0000
commit: 24fd814c326e282c4321965c31f341dad77e270d (patch)
tree: 033d63b33c21a3209964ab56005bb9bdd523630d /media-sound/wavpack
parent: 129160ec854dca4c3fedb5bcfbcb56930371da0f (diff)
3 files changed, 59 insertions, 2 deletions
diff --git a/media-sound/wavpack/Manifest b/media-sound/wavpack/Manifest
index 23a93a08223e..49a25106018d 100644
--- a/media-sound/wavpack/Manifest
+++ b/media-sound/wavpack/Manifest
@@ -1,3 +1,4 @@
+AUX wavpack-5.3.2-fix-overflows.patch 2094 BLAKE2B 8c2abe6d72109b108d1e8f4400f5c7bcb6173332ed0742a3336decc8d9a7f1c6636d36411087c477c5d33fc36947e0bf3dc278811e3ca2f6d980567bc70acd63 SHA512 d0310d6cd85250a1111d49defae800f99ba8eefadfb3b28c700a968d7f483b645ab86864200da616f85320a7ef113e19ec4633e96c7a3839fc53414aa6fbca47
 DIST wavpack-5.3.2.tar.gz 2047344 BLAKE2B 621414f580ef0c6f71ec411cafba5e9d3f971c9ed3fa901d92083b803fb337ad5455c8f488cc985d2203fde56572adcd2899e5a5d6e07365248ef6bfd59b591b SHA512 cff46e000c2edf0124e2f4c9577611d029f124c235bf7811a58dbd5d87a02827d25f7bd0e28d2f05fd413ee9997ba48390acfc2a91ebb53885eb2a0423994a7b
-EBUILD wavpack-5.3.2.ebuild 1017 BLAKE2B c8effcd2e290fba0ae33eb1bdfa4a0db6ab7d9a4ffd66f08e6dfdda267ec867d3213188838b960f91fd9fb80608989cc1dd5d091c6b6620d6df8e8a0d0c0e046 SHA512 57ad228698c36bc29ac4a0569507b5893795dc45aa68c3775a3d8b72b8ed58be4259a3c50f5d4b0cf98bba8f9b93e6fb47031325c9f5a557e7b1360d5af439a5
+EBUILD wavpack-5.3.2-r1.ebuild 1070 BLAKE2B 44d32a09ddbc7ba87f4af8fb53d1f57fe21525e1b50563fbf8063ab362b9e06040409ab91068a225ee4e32748ca0401b6bbea28661ef89ec985ffdc6183841a6 SHA512 c21d4e74634e9cde5ae49be7becbe7ff02dc0872caef71ffd067e73c8db5e6b008a1b5cef7673002a3684bc72c1d491d682e39bb8b43574a8572281e471c2f1d
 MISC metadata.xml 253 BLAKE2B 6426153a5fa5bbad2aaffd28a6460f87a35678319768c57ac8dfae02b2229f6278dead4f564e6bc2bfd54d7143aed95c382abc2ee16c1073e9fbaf4f84cc0fef SHA512 78b724be3e1dbd6fc3c2e92cdbacc15ea4b0e8ee6fa22f76ebdd882b3a7bbedeaf8f80a29e36ec67e0432d2dfad3f57de4bc46480f92c8e544322755292df894
diff --git a/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch b/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch
new file mode 100644
index 000000000000..fbbd40ba8bd9
--- /dev/null
+++ b/media-sound/wavpack/files/wavpack-5.3.2-fix-overflows.patch
@@ -0,0 +1,52 @@
+From 89df160596132e3bd666322e1c20b2ebd4b92cd0 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Tue, 29 Dec 2020 20:47:19 -0800
+Subject: [PATCH] issue #91: fix integer overflows resulting in buffer overruns
+ and sanitize a few more encoding parameters for clarity
+
+---
+ src/pack_utils.c | 15 ++++++++++-----
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/src/pack_utils.c b/src/pack_utils.c
+index 17d9381..480ab90 100644
+--- a/src/pack_utils.c
++++ b/src/pack_utils.c
+@@ -200,8 +200,13 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
+         return FALSE;
+     }
+ 
+-    if (!num_chans) {
+-        strcpy (wpc->error_message, "channel count cannot be zero!");
++    if (num_chans <= 0 || num_chans > NEW_MAX_STREAMS * 2) {
++        strcpy (wpc->error_message, "invalid channel count!");
++        return FALSE;
++    }
++
++    if (config->block_samples && (config->block_samples < 16 || config->block_samples > 131072)) {
++        strcpy (wpc->error_message, "invalid custom block samples!");
+         return FALSE;
+     }
+ 
+@@ -523,7 +528,7 @@ int WavpackPackInit (WavpackContext *wpc)
+         if (wpc->config.num_channels == 1)
+             wpc->block_samples *= 2;
+ 
+-        while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 300000)
++        while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 300000)
+             wpc->block_samples /= 2;
+     }
+     else {
+@@ -534,10 +539,10 @@ int WavpackPackInit (WavpackContext *wpc)
+ 
+         wpc->block_samples = wpc->config.sample_rate / divisor;
+ 
+-        while (wpc->block_samples > 12000 && wpc->block_samples * wpc->config.num_channels > 75000)
++        while (wpc->block_samples > 12000 && (int64_t) wpc->block_samples * wpc->config.num_channels > 75000)
+             wpc->block_samples /= 2;
+ 
+-        while (wpc->block_samples * wpc->config.num_channels < 20000)
++        while ((int64_t) wpc->block_samples * wpc->config.num_channels < 20000)
+             wpc->block_samples *= 2;
+     }
+ 
diff --git a/media-sound/wavpack/wavpack-5.3.2.ebuild b/media-sound/wavpack/wavpack-5.3.2-r1.ebuild
index 33880cc9703d..c34faa9eee4a 100644
--- a/media-sound/wavpack/wavpack-5.3.2.ebuild
+++ b/media-sound/wavpack/wavpack-5.3.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=7
@@ -23,6 +23,10 @@ DEPEND="${RDEPEND}"
 
 S="${WORKDIR}/WavPack-${COMMIT}"
 
+PATCHES=(
+	"${FILESDIR}/${P}-fix-overflows.patch"
+)
+
 src_prepare() {
 	default
 	eautoreconf
author	V3n3RiX <venerix@redcorelinux.org>	2021-01-08 11:28:34 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2021-01-08 11:28:34 +0000
commit	24fd814c326e282c4321965c31f341dad77e270d (patch)
tree	033d63b33c21a3209964ab56005bb9bdd523630d /media-sound/wavpack
parent	129160ec854dca4c3fedb5bcfbcb56930371da0f (diff)