Bug#1003842: buster-pu: package flac/1.3.2-3+deb10u1
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
* CVE-2020-0499: Out of bounds read due to a heap buffer overflow.
(Closes: #977764)
diff -Nru flac-1.3.2/debian/changelog flac-1.3.2/debian/changelog
--- flac-1.3.2/debian/changelog 2018-05-16 22:35:01.000000000 +0300
+++ flac-1.3.2/debian/changelog 2022-01-16 20:54:01.000000000 +0200
@@ -1,3 +1,11 @@
+flac (1.3.2-3+deb10u1) buster; urgency=medium
+
+ * Non-maintainer upload.
+ * CVE-2020-0499: Out of bounds read due to a heap buffer overflow.
+ (Closes: #977764)
+
+ -- Adrian Bunk <bunk@debian.org> Sun, 16 Jan 2022 20:54:01 +0200
+
flac (1.3.2-3) unstable; urgency=medium
* Use my debian account in Uploaders field and
diff -Nru flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch
--- flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch 1970-01-01 02:00:00.000000000 +0200
+++ flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch 2022-01-16 20:53:21.000000000 +0200
@@ -0,0 +1,28 @@
+From 2b3dcc9e6c3fcba41fd1fb795e43419c22e03eb5 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Mon, 7 Oct 2019 12:55:58 +1100
+Subject: libFLAC/bitreader.c: Fix out-of-bounds read
+
+Credit: Oss-Fuzz
+Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
+Testcase: fuzzer_decoder-5670265022840832
+---
+ src/libFLAC/bitreader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
+index ab62d414..8969714e 100644
+--- a/src/libFLAC/bitreader.c
++++ b/src/libFLAC/bitreader.c
+@@ -859,7 +859,7 @@ incomplete_lsbs:
+ cwords = br->consumed_words;
+ words = br->words;
+ ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
+- b = br->buffer[cwords] << br->consumed_bits;
++ b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
+ } while(cwords >= words && val < end);
+ }
+
+--
+2.20.1
+
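Review bot: The new guard on the `b =` line bounds the index by `br->capacity`, which appears to be the allocated size of `br->buffer` rather than the amount of valid data. It therefore stops the read past the heap allocation, but it may still load a word that was never filled; this is inferred, because the `words` accounting and the start of the enclosing function are outside the hunk. The substitution of 0 is also undocumented, so a comment above the line would help, e.g. `/* cwords can equal capacity here; substitute 0 rather than read past the end of br->buffer */`. Parenthesising the shift would make the ternary easier to read: `b = cwords < br->capacity ? (br->buffer[cwords] << br->consumed_bits) : 0;`. Since the patch header names a fuzzer testcase, decoding that file against the rebuilt package under a memory sanitizer would confirm the backport covers the reported read.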
diff -Nru flac-1.3.2/debian/patches/series flac-1.3.2/debian/patches/series
--- flac-1.3.2/debian/patches/series 2018-05-16 21:55:07.000000000 +0300
+++ flac-1.3.2/debian/patches/series 2022-01-16 20:53:49.000000000 +0200
@@ -4,3 +4,4 @@
0050-stream_decoder.c-Fix-a-memory-leak.patch
0051-metaflac-Fix-a-memory-leak.patch
0001-remove-build-path-from-generated-FLAC.tag-file.patch
+0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch