authorDaniel Engberg <diizzy@FreeBSD.org>2023-11-05 20:39:54 +0000
committerDaniel Engberg <diizzy@FreeBSD.org>2023-11-05 20:40:51 +0000
commitd2378ab547da27903d0201a0fef3d272f334d0ac (patch)
tree16ab071be7be64be3ab2561e11c134ec45cb3dce
parent3308e6204714751e1e9a5021c3823a524cba69f1 (diff)
audio/vorbis-tools: Add patch for CVE-2023-43361
-rw-r--r--audio/vorbis-tools/Makefile4
-rw-r--r--audio/vorbis-tools/files/patch-CVE-2023-4336130
2 files changed, 32 insertions, 2 deletions
diff --git a/audio/vorbis-tools/Makefile b/audio/vorbis-tools/Makefile
index c5edc2790cf1..481cb71d95bb 100644
--- a/audio/vorbis-tools/Makefile
+++ b/audio/vorbis-tools/Makefile
@@ -1,6 +1,6 @@
PORTNAME= vorbis-tools
-PORTVERSION= 1.4.2
-PORTREVISION= 3
+DISTVERSION= 1.4.2
+PORTREVISION= 4
PORTEPOCH= 3
CATEGORIES= audio
MASTER_SITES= https://downloads.xiph.org/releases/vorbis/
diff --git a/audio/vorbis-tools/files/patch-CVE-2023-43361 b/audio/vorbis-tools/files/patch-CVE-2023-43361
new file mode 100644
index 000000000000..bd6fe963410b
--- /dev/null
+++ b/audio/vorbis-tools/files/patch-CVE-2023-43361
@@ -0,0 +1,30 @@
+diff --git a/oggenc/platform.c b/oggenc/platform.c
+index 6d9f4ef..b66e47a 100644
+--- oggenc/platform.c
++++ oggenc/platform.c
+@@ -136,18 +136,22 @@ int create_directories(char *fn, int isutf8)
+ {
+ char *end, *start;
+ struct stat statbuf;
+- char *segment = malloc(strlen(fn)+1);
++ const size_t fn_len = strlen(fn);
++ char *segment = malloc(fn_len+1);
+ #ifdef _WIN32
+ wchar_t seg[MAX_PATH+1];
+ #endif
+
+ start = fn;
+ #ifdef _WIN32
+- if(strlen(fn) >= 3 && isalpha(fn[0]) && fn[1]==':')
++ // Strip drive prefix
++ if(fn_len >= 3 && isalpha(fn[0]) && fn[1]==':') {
++
+ start = start+2;
+ #endif
+
+- while((end = strpbrk(start+1, PATH_SEPS)) != NULL)
++ // Loop through path segments, creating directories if necessary
++ while((end = strpbrk(start + strspn(start, PATH_SEPS), PATH_SEPS)) != NULL)
+ {
+ int rv;
+ memcpy(segment, fn, end-fn);
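Review bot: `segment` is still used unchecked: the patched `char *segment = malloc(fn_len+1);` has no NULL test before the `memcpy(segment, fn, end-fn)` on the last line of the hunk, so an allocation failure becomes a write through a NULL pointer. A guard such as `if(segment == NULL) return -1;` right after the allocation would close that, with the return value matched to whatever create_directories uses for failure further down; its body continues past this hunk. Separately, the `{` added to the `_WIN32` drive-prefix `if` has no matching `}` before the `#endif` in the visible lines, so a Windows build of the patched file would presumably not compile. That does not affect this port, but it is worth checking against the upstream commit.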