
Bug#781006: unblock: lame/3.99.5+repack1-7



Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package lame

Dear release team,

the lame package in unstable contains some bug fixes that are
considered security-relevant. The package has already been updated in
stable as requested in #779083, but I somehow forgot to request its
transition to testing until now -- sorry.

unblock lame/3.99.5+repack1-7

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru lame-3.99.5+repack1/debian/changelog lame-3.99.5+repack1/debian/changelog
--- lame-3.99.5+repack1/debian/changelog	2015-02-09 07:12:14.000000000 +0100
+++ lame-3.99.5+repack1/debian/changelog	2015-02-24 09:03:11.000000000 +0100
@@ -1,3 +1,13 @@
+lame (3.99.5+repack1-7) unstable; urgency=medium
+
+  * Extend Maks Naumov's patch to also include a sanity check for
+    a valid amount of input channels (Closes: #778703).
+  * Fix decision if sample rate ratio is an integer value or not
+    (Closes: #778529).
+  * Thanks to Henri Salo for the bug reports and the fuzzed samples!
+
+ -- Fabian Greffrath <fabian+debian@greffrath.com>  Tue, 24 Feb 2015 09:03:07 +0100
+
 lame (3.99.5+repack1-6) unstable; urgency=high
 
   * Do not mangle CFLAGS in debian/rules anymore, leave this to
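
Review bot: The new 3.99.5+repack1-7 entry is marked urgency=medium, lower than the urgency=high of the -6 entry directly below it, although both of its items close bugs reported from fuzzed samples. If these fixes are treated as security-relevant, consider urgency=high. The first item also promises a check for "a valid amount of input channels", which is broader than a test for negative values; either the wording or the check should be adjusted so the two agree.
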
diff -Nru lame-3.99.5+repack1/debian/patches/0001-Add-check-for-invalid-input-sample-rate.patch lame-3.99.5+repack1/debian/patches/0001-Add-check-for-invalid-input-sample-rate.patch
--- lame-3.99.5+repack1/debian/patches/0001-Add-check-for-invalid-input-sample-rate.patch	2015-02-06 09:24:34.000000000 +0100
+++ lame-3.99.5+repack1/debian/patches/0001-Add-check-for-invalid-input-sample-rate.patch	2015-02-19 07:18:28.000000000 +0100
@@ -14,7 +14,7 @@
      }
  #endif
  
-+    if (gfp->samplerate_in < 0) {
++    if (gfp->samplerate_in < 0 || gfp->num_channels < 0) {
 +        freegfc(gfc);
 +        gfp->internal_flags = NULL;
 +        return -1;
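
Review bot: The added condition `gfp->num_channels < 0` only rejects negative values, so a channel count of zero, or one larger than the encoder supports, still passes this early exit. If zero is not a meaningful channel count here, use `gfp->num_channels <= 0` and add an upper bound against the maximum the encoder handles, so that the check matches the "valid amount of input channels" wording in the changelog. A short comment above the condition stating which values are accepted would help the next reader of the patch.
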
diff -Nru lame-3.99.5+repack1/debian/patches/int_resample_ratio.patch lame-3.99.5+repack1/debian/patches/int_resample_ratio.patch
--- lame-3.99.5+repack1/debian/patches/int_resample_ratio.patch	1970-01-01 01:00:00.000000000 +0100
+++ lame-3.99.5+repack1/debian/patches/int_resample_ratio.patch	2015-02-24 07:29:29.000000000 +0100
@@ -0,0 +1,29 @@
+Subject: Fix decision if sample rate ratio is an integer value or not
+ If the sample rate of the input file is sufficiently close to an
+ integer multiple of the output sample rate, the value of the intratio
+ variable is calculated incorrectly. This leads to further values
+ being miscalculated up to the joff variable which is used as an index
+ to dereference the esv->blackfilt array. This leads top an overflow
+ and causes a segmentation fault.
+Author: Fabian Greffrath <fabian+debian@greffrath.com>
+Bug-Debian: https://bugs.debian.org/778529
+
+--- a/libmp3lame/util.c
++++ b/libmp3lame/util.c
+@@ -26,6 +26,7 @@
+ # include <config.h>
+ #endif
+ 
++#include <float.h>
+ #include "lame.h"
+ #include "machine.h"
+ #include "encoder.h"
+@@ -544,7 +545,7 @@ fill_buffer_resample(lame_internal_flags
+     if (bpc > BPC)
+         bpc = BPC;
+ 
+-    intratio = (fabs(resample_ratio - floor(.5 + resample_ratio)) < .0001);
++    intratio = (fabs(resample_ratio - floor(.5 + resample_ratio)) < FLT_EPSILON);
+     fcn = 1.00 / resample_ratio;
+     if (fcn > 1.00)
+         fcn = 1.00;
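
Review bot: The index into esv->blackfilt is still unchecked after this change. The description names joff as the out-of-range index, but the fix at the `intratio = ...` line only tightens the tolerance from .0001 to FLT_EPSILON, which shrinks the set of inputs that take the miscalculated path without bounding the index itself. Consider adding an explicit range check (or clamp) on joff before the array access, so that any remaining rounding case fails safely instead of reading out of bounds. Also note that fabs() and floor() operate on double, while FLT_EPSILON is the float spacing at 1.0 and is used here as an absolute tolerance that does not scale with resample_ratio; a line in the patch header explaining why this constant was chosen would be useful. Minor: "This leads top an overflow" in the description should read "to an overflow".
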
diff -Nru lame-3.99.5+repack1/debian/patches/series lame-3.99.5+repack1/debian/patches/series
--- lame-3.99.5+repack1/debian/patches/series	2015-02-09 07:00:07.000000000 +0100
+++ lame-3.99.5+repack1/debian/patches/series	2015-02-18 11:35:11.000000000 +0100
@@ -5,3 +5,4 @@
 msse.patch
 0001-Add-check-for-invalid-input-sample-rate.patch
 bits_per_sample.patch
+int_resample_ratio.patch
