diff --git a/1111.patch b/1111.patch new file mode 100644 index 0000000..855cd9d --- /dev/null +++ b/1111.patch @@ -0,0 +1,81 @@ +From 716747fdde2c8dd6d0fca1223362ae5ce533ae38 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Martinez?= +Date: Thu, 11 Apr 2019 12:39:13 +0200 +Subject: [PATCH 1/2] x B1101, AVI: fix crash with some invalid streams + +--- + Source/MediaInfo/Multiple/File_Riff.cpp | 2 +- + Source/MediaInfo/Multiple/File_Riff_Elements.cpp | 3 ++- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/Source/MediaInfo/Multiple/File_Riff.cpp b/Source/MediaInfo/Multiple/File_Riff.cpp +index e54123520..626c2d3b5 100644 +--- a/Source/MediaInfo/Multiple/File_Riff.cpp ++++ b/Source/MediaInfo/Multiple/File_Riff.cpp +@@ -938,7 +938,7 @@ void File_Riff::Header_Parse() + } + + //Alignment +- if (Size_Complete%2 && !IsNotWordAligned) ++ if (Size_Complete%2 && !IsNotWordAligned && File_Offset+Buffer_Offset+Element_Offset+Size_Complete +Date: Thu, 11 Apr 2019 12:39:29 +0200 +Subject: [PATCH 2/2] x B1101, SMPTE ST 337: fix crash with some invalid + streams + +--- + Source/MediaInfo/Audio/File_SmpteSt0337.cpp | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/Source/MediaInfo/Audio/File_SmpteSt0337.cpp b/Source/MediaInfo/Audio/File_SmpteSt0337.cpp +index 7fa87b4cc..03775dcb7 100644 +--- a/Source/MediaInfo/Audio/File_SmpteSt0337.cpp ++++ b/Source/MediaInfo/Audio/File_SmpteSt0337.cpp +@@ -1158,6 +1158,7 @@ void File_SmpteSt0337::Data_Parse() + + // Parsing + int32u length_code; ++ int8u data_type_New; + Element_Begin1("Header"); + BS_Begin(); + Skip_S3(Stream_Bits, "Pa"); +@@ -1167,7 +1168,7 @@ void File_SmpteSt0337::Data_Parse() + Skip_S1( 5, "data_type_dependent"); + Skip_SB( "error_flag"); + Info_S1( 2, data_mode, "data_mode"); Param_Info2(16+4*data_mode, " bits"); +- Get_S1 ( 5, data_type, "data_type"); Param_Info1(Smpte_St0337_data_type[data_type]); ++ Get_S1 ( 5, data_type_New, "data_type"); Param_Info1(Smpte_St0337_data_type[data_type]); + if (Stream_Bits>16) + Skip_S1( 4, "reserved"); + if (Stream_Bits>20) +@@ -1177,6 +1178,11 @@ void File_SmpteSt0337::Data_Parse() + BS_End(); + Element_End0(); + ++ if (data_type_New!=data_type) ++ { ++ delete Parser; Parser=NULL; ++ data_type=data_type_New; ++ } + if (Parser==NULL) + { + switch(data_type) diff --git a/libmediainfo.spec b/libmediainfo.spec index a6bd699..e70cf65 100644 --- a/libmediainfo.spec +++ b/libmediainfo.spec @@ -2,13 +2,14 @@ Name: libmediainfo Version: 18.12 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Library for supplies technical and tag information about a video or audio file Summary(ru): Библиотека для предоставления полной информации о видео или аудио файле License: BSD URL: http://mediaarea.net/MediaInfo Source0: http://mediaarea.net/download/source/%{name}/%{version}/%{name}_%{version}.tar.xz +Patch0: 1111.patch BuildRequires: cmake BuildRequires: gcc-c++ @@ -82,7 +83,7 @@ Include files and mandatory libraries for development. Файлы для разработки %{name}. %prep -%autosetup -n MediaInfoLib +%autosetup -p1 -n MediaInfoLib cp Release/ReadMe_DLL_Linux.txt ReadMe.txt mv History_DLL.txt History.txt @@ -134,6 +135,9 @@ rm -f %{buildroot}%{_libdir}/%{name}.la %{_libdir}/cmake/mediainfolib/ %changelog +* Mon Apr 22 2019 Vasiliy N. Glazov - 18.12-3 +- Fix CVE-2019-11372 + * Fri Feb 01 2019 Fedora Release Engineering - 18.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild