head 1.1; access; symbols pkgsrc-2026Q1:1.1.0.16 pkgsrc-2026Q1-base:1.1 pkgsrc-2025Q4:1.1.0.14 pkgsrc-2025Q4-base:1.1 pkgsrc-2025Q3:1.1.0.12 pkgsrc-2025Q3-base:1.1 pkgsrc-2025Q2:1.1.0.10 pkgsrc-2025Q2-base:1.1 pkgsrc-2025Q1:1.1.0.8 pkgsrc-2025Q1-base:1.1 pkgsrc-2024Q4:1.1.0.6 pkgsrc-2024Q4-base:1.1 pkgsrc-2024Q3:1.1.0.4 pkgsrc-2024Q3-base:1.1 pkgsrc-2024Q2:1.1.0.2; locks; strict; comment @# @; 1.1 date 2024.08.08.07.20.54; author nia; state Exp; branches 1.1.2.1; next ; commitid Rs0l0BogNioOoZkF; 1.1.2.1 date 2024.08.08.07.20.54; author bsiegert; state dead; branches; next 1.1.2.2; commitid XCXaUYn8a9NYfblF; 1.1.2.2 date 2024.08.09.19.03.45; author bsiegert; state Exp; branches; next ; commitid XCXaUYn8a9NYfblF; desc @@ 1.1 log @opusfile: missing file from previous @ text @$NetBSD$ 
From: Ralph Giles Date: Tue, 6 Sep 2022 19:04:31 -0700 Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer. Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns a null pointer. This allows more graceful recovery by the caller in the unlikely event of a fallible ogg_malloc call. We do check the return value elsewhere in the code, so the new checks make the code more consistent. Thanks to https://github.com/xiph/opusfile/issues/36 for reporting.
--- src/opusfile.c.orig 2020-06-27 00:44:15.000000000 +0000
+++ src/opusfile.c
@@@@ -148,6 +148,7 @@@@ static int op_get_data(OggOpusFile *_of,
 int nbytes;
 OP_ASSERT(_nbytes>0);
 buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
 nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
 OP_ASSERT(nbytes<=_nbytes);
 if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes);
@@@@ -1527,6 +1528,7 @@@@ static int op_open1(OggOpusFile *_of,
 if(_initial_bytes>0){
 char *buffer;
 buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
 memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
 ogg_sync_wrote(&_of->oy,(long)_initial_bytes);
 }
@ 1.1.2.1 log @file patch-CVE-2022-47021 was added on branch pkgsrc-2024Q2 on 2024-08-09 19:03:45 +0000 @ text @d1 33 @ 1.1.2.2 log @Pullup ticket #6888 - requested by nia audio/opusfile: security fix Revisions pulled up: - audio/opusfile/Makefile 1.13 - audio/opusfile/distinfo 1.14 - audio/opusfile/patches/patch-CVE-2022-47021 1.1 --- Module Name: pkgsrc Committed By: nia Date: Wed Aug 7 22:34:40 UTC 2024 Modified Files: pkgsrc/audio/opusfile: Makefile distinfo Log Message: opusfile: Apply patch for CVE-2022-47021 --- Module Name: pkgsrc Committed By: nia Date: Thu Aug 8 07:20:54 UTC 2024 Added Files: pkgsrc/audio/opusfile/patches: patch-CVE-2022-47021 Log Message: opusfile: missing file from previous @ text @a0 33 $NetBSD: patch-CVE-2022-47021,v 1.1 2024/08/08 
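Review bot: The read callback's return value is still bounded only by `OP_ASSERT(nbytes<=_nbytes)`, and the result of `ogg_sync_wrote()` on the last line of the op_get_data hunk is discarded, so the added NULL check is the only failure this path reports. OP_ASSERT's definition is not on this page; if it compiles to nothing in release builds, a callback that returns more than `_nbytes` passes unnoticed. Checking the call, `if(OP_LIKELY(nbytes>0)&&OP_UNLIKELY(ogg_sync_wrote(&_of->oy,nbytes)<0))return OP_EFAULT;`, would surface a count the sync layer rejects in the same way as the allocation failure. op_get_data starts and ends outside the hunk, so its callers should also be confirmed to treat the new negative return as an error rather than as a byte count. The same hunk is repeated in the 1.1.2.2 revision text further down.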
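Review bot: In the op_open1 hunk the buffer is requested with `(long)_initial_bytes` while `memcpy` copies `_initial_bytes*sizeof(*buffer)` bytes, and the added NULL check does not cover a cast that changes the value. The declaration of `_initial_bytes` is outside the hunk; if it is a `size_t`, a target where `long` is narrower could get a buffer sized from the truncated value. A range guard before the call, such as `if(OP_UNLIKELY(_initial_bytes>(size_t)LONG_MAX))return OP_EFAULT;` (needs `<limits.h>`), would keep the two sizes in agreement. op_open1 continues past the hunk, so it is also worth confirming that the new early return does not bypass cleanup done later in the function or by its caller.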
07:20:54 nia Exp $ From: Ralph Giles Date: Tue, 6 Sep 2022 19:04:31 -0700 Subject: [PATCH] Propagate allocation failure from ogg_sync_buffer. Instead of segfault, report OP_EFAULT if ogg_sync_buffer returns a null pointer. This allows more graceful recovery by the caller in the unlikely event of a fallible ogg_malloc call. We do check the return value elsewhere in the code, so the new checks make the code more consistent. Thanks to https://github.com/xiph/opusfile/issues/36 for reporting.
--- src/opusfile.c.orig 2020-06-27 00:44:15.000000000 +0000
+++ src/opusfile.c
@@@@ -148,6 +148,7 @@@@ static int op_get_data(OggOpusFile *_of,
 int nbytes;
 OP_ASSERT(_nbytes>0);
 buffer=(unsigned char *)ogg_sync_buffer(&_of->oy,_nbytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
 nbytes=(int)(*_of->callbacks.read)(_of->stream,buffer,_nbytes);
 OP_ASSERT(nbytes<=_nbytes);
 if(OP_LIKELY(nbytes>0))ogg_sync_wrote(&_of->oy,nbytes);
@@@@ -1527,6 +1528,7 @@@@ static int op_open1(OggOpusFile *_of,
 if(_initial_bytes>0){
 char *buffer;
 buffer=ogg_sync_buffer(&_of->oy,(long)_initial_bytes);
+ if(OP_UNLIKELY(buffer==NULL))return OP_EFAULT;
 memcpy(buffer,_initial_data,_initial_bytes*sizeof(*buffer));
 ogg_sync_wrote(&_of->oy,(long)_initial_bytes);
 }
@