[Pkg-pulseaudio-devel] r125 - in /pulseaudio/trunk/debian: changelog patches/r1449-dont-allow-excessively-high-sample-rates.patch patches/r1451-add-a-missing-initialization.patch patches/series

neurocyte-guest at users.alioth.debian.org neurocyte-guest at users.alioth.debian.org
Sat May 26 22:04:07 UTC 2007


Author: neurocyte-guest
Date: Sat May 26 22:04:07 2007
New Revision: 125

URL: http://svn.debian.org/wsvn/pkg-pulseaudio/?sc=1&rev=125
Log:
Add two more DOS fix patches and mention CVE number in changelog

Added:
    pulseaudio/trunk/debian/patches/r1449-dont-allow-excessively-high-sample-rates.patch
    pulseaudio/trunk/debian/patches/r1451-add-a-missing-initialization.patch
Modified:
    pulseaudio/trunk/debian/changelog
    pulseaudio/trunk/debian/patches/series

Modified: pulseaudio/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-pulseaudio/pulseaudio/trunk/debian/changelog?rev=125&op=diff
==============================================================================
--- pulseaudio/trunk/debian/changelog (original)
+++ pulseaudio/trunk/debian/changelog Sat May 26 22:04:07 2007
@@ -23,11 +23,12 @@
   * debian/patch: r1434-dont-fail-if-hal-doesn-t-contain-any-devices
     + Added. Don't unload module-hal-detect if HAL doesn't report any devices.
              (Closes: #395893)
-  * debian/patches: Backport DOS attack fixes r1445-1450.
+  * debian/patches: Backport fixes for remote DOS vulnerabilities. Upstream
+      svn commits r1445-1452. This fixes CVE-2007-1804.
   * debian/rules: Port to CDBS.
   * debian/control: Generate -dbg packages for detached symbols.
 
- -- CJ van den Berg <cj at vdbonline.com>  Wed, 23 May 2007 10:08:50 +0200
+ -- CJ van den Berg <cj at vdbonline.com>  Sat, 26 May 2007 23:37:07 +0200
 
 pulseaudio (0.9.5-7) unstable; urgency=low
 

Added: pulseaudio/trunk/debian/patches/r1449-dont-allow-excessively-high-sample-rates.patch
URL: http://svn.debian.org/wsvn/pkg-pulseaudio/pulseaudio/trunk/debian/patches/r1449-dont-allow-excessively-high-sample-rates.patch?rev=125&op=file
==============================================================================
--- pulseaudio/trunk/debian/patches/r1449-dont-allow-excessively-high-sample-rates.patch (added)
+++ pulseaudio/trunk/debian/patches/r1449-dont-allow-excessively-high-sample-rates.patch Sat May 26 22:04:07 2007
@@ -1,0 +1,37 @@
+don't allow excessively high sample rates
+
+From: lennart <lennart at fefdeb5f-60dc-0310-8127-8f9354f1896f>
+
+git-svn-id: svn://svn.0pointer.net/pulseaudio/trunk@1449 fefdeb5f-60dc-0310-8127-8f9354f1896f
+---
+
+ src/pulse/sample.c |    1 +
+ src/pulse/sample.h |    3 +++
+ 2 files changed, 4 insertions(+), 0 deletions(-)
+
+diff --git a/src/pulse/sample.c b/src/pulse/sample.c
+index 7ca418e..b259cca 100644
+--- a/src/pulse/sample.c
++++ b/src/pulse/sample.c
+@@ -77,6 +77,7 @@ int pa_sample_spec_valid(const pa_sample_spec *spec) {
+     assert(spec);
+ 
+     if (spec->rate <= 0 ||
++        spec->rate > PA_RATE_MAX ||
+         spec->channels <= 0 ||
+         spec->channels > PA_CHANNELS_MAX ||
+         spec->format >= PA_SAMPLE_MAX ||
+diff --git a/src/pulse/sample.h b/src/pulse/sample.h
+index da32fdf..4b92873 100644
+--- a/src/pulse/sample.h
++++ b/src/pulse/sample.h
+@@ -102,6 +102,9 @@ PA_C_DECL_BEGIN
+ /** Maximum number of allowed channels */
+ #define PA_CHANNELS_MAX 32
+ 
++/** Maximum allowed sample rate */
++#define PA_RATE_MAX (48000*4)
++
+ /** Sample format */
+ typedef enum pa_sample_format {
+     PA_SAMPLE_U8,              /**< Unsigned 8 Bit PCM */

Added: pulseaudio/trunk/debian/patches/r1451-add-a-missing-initialization.patch
URL: http://svn.debian.org/wsvn/pkg-pulseaudio/pulseaudio/trunk/debian/patches/r1451-add-a-missing-initialization.patch?rev=125&op=file
==============================================================================
--- pulseaudio/trunk/debian/patches/r1451-add-a-missing-initialization.patch (added)
+++ pulseaudio/trunk/debian/patches/r1451-add-a-missing-initialization.patch Sat May 26 22:04:07 2007
@@ -1,0 +1,24 @@
+add a missing initialization that causes a crash when parsing invalid volume restoration tables (Problem identified by Luigi Auriemma, re #67)
+
+From: lennart <lennart at fefdeb5f-60dc-0310-8127-8f9354f1896f>
+
+git-svn-id: svn://svn.0pointer.net/pulseaudio/trunk@1451 fefdeb5f-60dc-0310-8127-8f9354f1896f
+---
+
+ src/modules/module-volume-restore.c |    3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/src/modules/module-volume-restore.c b/src/modules/module-volume-restore.c
+index efa59f4..97d0d5e 100644
+--- a/src/modules/module-volume-restore.c
++++ b/src/modules/module-volume-restore.c
+@@ -433,7 +433,8 @@ int pa__init(pa_core *c, pa_module*m) {
+     u->subscription = NULL;
+     u->table_file = pa_xstrdup(pa_modargs_get_value(ma, "table", NULL));
+     u->modified = 0;
+-    
++    u->sink_input_hook_slot = u->source_output_hook_slot = NULL;
++
+     m->userdata = u;
+     
+     if (load_rules(u) < 0)

Modified: pulseaudio/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-pulseaudio/pulseaudio/trunk/debian/patches/series?rev=125&op=diff
==============================================================================
--- pulseaudio/trunk/debian/patches/series (original)
+++ pulseaudio/trunk/debian/patches/series Sat May 26 22:04:07 2007
@@ -21,5 +21,7 @@
 r1445-fix-a-dos-vulnerability.patch
 r1446-fix-another-dos-vulnerability.patch
 r1448-fix-yet-another-dos-vulnerability.patch
+r1449-dont-allow-excessively-high-sample-rates.patch
 r1450-fix-a-dos-with-allocating-overly-large-silence-buffers.patch
+r1451-add-a-missing-initialization.patch
 r1452-fix-another-dos-vulnerability.patch




More information about the Pkg-pulseaudio-devel mailing list