diff --git a/0003-Fix-memory-leak-in-caf_read_header.patch b/0003-Fix-memory-leak-in-caf_read_header.patch new file mode 100644 index 0000000000000000000000000000000000000000..01b966eda4914b2a4f99d75d83ab4ec028082828 --- /dev/null +++ b/0003-Fix-memory-leak-in-caf_read_header.patch @@ -0,0 +1,65 @@ +From 65cf4511928ff0a4b387a15e10ae9f2431596cf7 Mon Sep 17 00:00:00 2001 +From: ctl-ly +Date: Thu, 29 Dec 2022 10:53:55 +0800 +Subject: [PATCH] fix1 + +--- + docs/index.md | 2 +- + include/sndfile.h.in | 4 ++-- + src/caf.c | 5 +++++ + 3 files changed, 8 insertions(+), 3 deletions(-) + +diff --git a/docs/index.md b/docs/index.md +index 3779fdf..ee6bd07 100644 +--- a/docs/index.md ++++ b/docs/index.md +@@ -194,7 +194,7 @@ long as you abide by [the license](http://www.gnu.org/copyleft/lesser.html). + Check latest version on + [GitHub Releases page](https://github.com/libsndfile/libsndfile/releases/). + +-Binatries and source packages are signed by current releaser David Seifert aka ++Binaries and source packages are signed by current releaser David Seifert aka + @SoapGentoo. You can verify signatures with his public GPG key: + + ``` +diff --git a/include/sndfile.h.in b/include/sndfile.h.in +index 917ff4b..970fb26 100644 +--- a/include/sndfile.h.in ++++ b/include/sndfile.h.in +@@ -173,6 +173,7 @@ enum + + SFC_SET_RAW_START_OFFSET = 0x1090, + ++ /* Commands reserved for dithering, which is not implemented. */ + SFC_SET_DITHER_ON_WRITE = 0x10A0, + SFC_SET_DITHER_ON_READ = 0x10A1, + +@@ -386,8 +387,7 @@ typedef struct + + /* + ** Enums and typedefs for adding dither on read and write. +-** See the html documentation for sf_command(), SFC_SET_DITHER_ON_WRITE +-** and SFC_SET_DITHER_ON_READ. ++** Reserved for future implementation. + */ + + enum +diff --git a/src/caf.c b/src/caf.c +index 45b1dba..6b2e579 100644 +--- a/src/caf.c ++++ b/src/caf.c +@@ -416,6 +416,11 @@ caf_read_header (SF_PRIVATE *psf) + return SFE_CAF_BAD_PEAK ; + } ; + ++ if (psf->peak_info) ++ { psf_log_printf (psf, "*** Found existing peak info, using last one.\n") ; ++ free (psf->peak_info) ; ++ psf->peak_info = NULL ; ++ }; + if ((psf->peak_info = peak_info_calloc (psf->sf.channels)) == NULL) + return SFE_MALLOC_FAILED ; + +-- +2.27.0 + diff --git a/libsndfile.spec b/libsndfile.spec index 1d869da0bda16af801faa06c1fe9105b471b945a..fb29a5dbe6339b058f4bb7bbf89e15d40e6f9c43 100644 --- a/libsndfile.spec +++ b/libsndfile.spec @@ -1,6 +1,6 @@ Name: libsndfile Version: 1.0.31 -Release: 2 +Release: 3 Summary: Library for reading and writing sound files License: LGPLv2+ and GPLv2+ and BSD URL: http://libsndfile.github.io/libsndfile @@ -12,6 +12,7 @@ BuildRequires: sqlite-devel Patch1: 0001-CVE-2021-3246.patch Patch2: 0002-CVE-2021-4156.patch +Patch3: 0003-Fix-memory-leak-in-caf_read_header.patch %description Libsndfile is a C library for reading and writing files containing @@ -116,6 +117,11 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check %{_mandir}/man1/sndfile-salvage.1* %changelog +* Thu Dec 29 2022 liying - 1.0.31-3 +- Marked unimplemented dither enums in the header file as such. +- Fix typo +- Fix memory leak in caf_read_header + * Mon May 16 2022 zhouwenpei - 1.0.31-2 - fix CVE-2021-4156