From 2f3db338ed7bf2f9c8eafd04f9783cc839db99ee Mon Sep 17 00:00:00 2001
From: zhouwenpei
Date: Sat, 28 May 2022 11:44:45 +0800
Subject: [PATCH] fix CVE-2020-0499
(cherry picked from commit 0302c08e0d1739da40157d5e905c24e89877fc20)
---
 CVE-2020-0499.patch | 25 +++++++++++++++++++++++++
 flac.spec | 6 +++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2020-0499.patch

diff --git a/CVE-2020-0499.patch b/CVE-2020-0499.patch
new file mode 100644
index 0000000..53556bb
--- /dev/null
+++ b/CVE-2020-0499.patch
@@ -0,0 +1,25 @@
+From 2e7931c27eb15e387da440a37f12437e35b22dd4 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo
+Date: Mon, 7 Oct 2019 12:55:58 +1100
+Subject: [PATCH] libFLAC/bitreader.c: Fix out-of-bounds read
+
+Credit: Oss-Fuzz
+Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
+Testcase: fuzzer_decoder-5670265022840832
+---
+ src/libFLAC/bitreader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
+index 5e4b59180e..3df4d02c0b 100644
+--- a/src/libFLAC/bitreader.c
++++ b/src/libFLAC/bitreader.c
+@@ -869,7 +869,7 @@ FLAC__bool FLAC__bitreader_read_rice_signed_block(FLAC__BitReader *br, int vals[
+ cwords = br->consumed_words;
+ words = br->words;
+ ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
+- b = br->buffer[cwords] << br->consumed_bits;
++ b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
+ } while(cwords >= words && val < end);
+ }
+ 
diff --git a/flac.spec b/flac.spec
index 73484f8..152f43d 100644
--- a/flac.spec
+++ b/flac.spec
@@ -2,13 +2,14 @@
 Name: flac
 Version: 1.3.3
-Release: 5
+Release: 6
 Summary: encoder/decoder which support the Free Lossless Audio Codec
 License: BSD and GPLv2+ and GFDL
 Source0: http://downloads.xiph.org/releases/flac/flac-%{version}.tar.xz
 URL: http://www.xiph.org/flac/
 Patch0000: CVE-2021-0561.patch
+Patch0001: CVE-2020-0499.patch
 Provides: %{name}-libs
 Obsoletes: %{name}-libs
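Review bot: The context lines of the embedded bitreader.c hunk (`cwords = br->consumed_words;` through `} while(cwords >= words && val < end);`) are shown here without the leading tabs the upstream file has at those lines; if the stored CVE-2020-0499.patch really lost that indentation rather than this being a rendering artifact, `patch -p1` will not match the context and %prep will reject the hunk. Please confirm the committed file is byte-identical to upstream commit 2e7931c27eb15e387da440a37f12437e35b22dd4 (the patch is otherwise a verbatim backport of that fix, which clamps `b` to 0 once `cwords` reaches `br->capacity`). The enclosing `FLAC__bitreader_read_rice_signed_block` body starts and ends outside the hunk.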
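Review bot: `Patch0001: CVE-2020-0499.patch` is declared, but the `%prep` section is not part of this diff, so it is not visible whether the patch is actually applied. If `%prep` uses `%autosetup -p1` it is picked up automatically; if it applies `Patch0000` with an explicit `%patch0000 -p1` line, a matching `%patch0001 -p1` is needed, otherwise the package ships with the changelog claiming the CVE is fixed while the vulnerable bitreader.c is still built. Worth checking before the release bump in this hunk lands.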
@@ -101,6 +102,9 @@ update-desktop-database &> /dev/null || :
 %doc flac-doc-devel/*
 %changelog
+* Sat May 28 2022 zhouwenpei - 1.3.3-6
+- fix CVE-2020-0499
+
 * Thu Mar 31 2022 zhouwenpei - 1.3.3-5
 - fix CVE-2021-0561