!7 [sync] PR-6: fix CVE-2020-23903

From: @openeuler-sync-bot Reviewed-by: @xiezhipeng1 Signed-off-by: @xiezhipeng1
2022-06-07 01:44:59 +00:00 · 2022-06-07 01:44:59 +00:00 · fafd751179
commit fafd751179
parent 24d3104d53 c289c60667
2 changed files with 35 additions and 1 deletions
--- a/backport-CVE-2020-23903.patch
+++ b/backport-CVE-2020-23903.patch
@ -0,0 +1,26 @@
+From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
+From: Tristan Matthews <tmatth@videolan.org>
+Date: Mon, 13 Jul 2020 23:25:03 -0400
+Subject: [PATCH] wav_io: guard against invalid channel numbers
+
+Fixes #13
+---
+ src/wav_io.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/wav_io.c b/src/wav_io.c
+index c2e2bc8..4d77cd7 100644
+--- a/src/wav_io.c
+++ b/src/wav_io.c
+@@ -108,7 +108,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
+    stmp = le_short(stmp);
+    *channels = stmp;
+ 
+-   if (stmp>2)
+   if (stmp>2 || stmp<1)
+    {
+       fprintf (stderr, "Only mono and (intensity) stereo supported\n");
+       return -1;
+-- 
+1.8.3.1
+
--- a/speex.spec
+++ b/speex.spec
@ -1,11 +1,13 @@
 Name:		speex
 Version:	1.2.0
-Release:	4
+Release:	5
 Summary:	A Free Codec For Free Speech
 License:	BSD
 URL:		https://www.speex.org/
 Source0:	http://downloads.us.xiph.org/releases/speex/%{name}-%{version}.tar.gz

+Patch6000:      backport-CVE-2020-23903.patch
+
 BuildRequires: gcc git pkgconfig(ogg) pkgconfig(speexdsp)

 Obsoletes: %{name}-tools
@ -67,6 +69,12 @@ This package is the development and  files for speex.
 %{_mandir}/man1/speexdec.1.gz

 %changelog
+* Mon Jun 06 2022 shixuantong<shixuantong@h-partners.com> - 1.2.0-5
+- Type:CVE
+- ID:CVE-2020-23903
+- SUG:NA
+- DESC:fix CVE-2020-23903
+
 * Fri Sep 27 2019 shenyangyang<shenyangyang4@huawei.com> - 1.2.0-4
 - Type:enhancement
 - ID:NA