From ebce8994fe3cc4ca9fbc96ca837cb4c4e98adcbd Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Sun, 6 May 2018 11:18:16 +0100
Subject: gentoo resync : 06.05.2018

---
 media-libs/libmp3splt/files/CVE-2017-15185.patch | 41 ++++++++++++++++++++++++
 1 file changed, 41 insertions(+)
 create mode 100644 media-libs/libmp3splt/files/CVE-2017-15185.patch

(limited to 'media-libs/libmp3splt/files')

diff --git a/media-libs/libmp3splt/files/CVE-2017-15185.patch b/media-libs/libmp3splt/files/CVE-2017-15185.patch
new file mode 100644
index 000000000000..b31a92d0c452
--- /dev/null
+++ b/media-libs/libmp3splt/files/CVE-2017-15185.patch
@@ -0,0 +1,41 @@
+diff --git a/libmp3splt/plugins/ogg.c b/libmp3splt/plugins/ogg.c
+index 50cc495..57745f1 100644
+--- a/libmp3splt/plugins/ogg.c
++++ b/libmp3splt/plugins/ogg.c
+@@ -212,26 +212,36 @@ static splt_ogg_state *splt_ogg_v_new(int *error)
+     goto error;
+   }
+   memset(oggstate, 0, sizeof(splt_ogg_state));
++
+   if ((oggstate->sync_in = malloc(sizeof(ogg_sync_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->sync_in, 0, sizeof(ogg_sync_state));
++
+   if ((oggstate->stream_in = malloc(sizeof(ogg_stream_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->stream_in, 0, sizeof(ogg_stream_state));
++
+   if ((oggstate->vd = malloc(sizeof(vorbis_dsp_state)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vd, 0, sizeof(vorbis_dsp_state));
++
+   if ((oggstate->vi = malloc(sizeof(vorbis_info)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vi, 0, sizeof(vorbis_info));
++
+   if ((oggstate->vb = malloc(sizeof(vorbis_block)))==NULL)
+   {
+     goto error;
+   }
++  memset(oggstate->vb, 0, sizeof(vorbis_block));
+ 
+   if ((oggstate->headers = malloc(sizeof(splt_v_packet) * TOTAL_HEADER_PACKETS))==NULL)
+   {
-- 
cgit v1.2.3