I hereby claim:
- I am adhokshajmishra on github.
- I am adhokshajmishra (https://keybase.io/adhokshajmishra) on keybase.
- I have a public key ASCQTl3KRGd4D9qoyjVXIbJUjg0rYxfaSSC7LDps5t-4pgo
To claim this, I am signing this object:
Adhokshaj Mishra adhokshajmishra
adhokshajmishra
/ lame_3.99.5_cve_2017_9412.patch
Created
August 25, 2017 11:59
Patch for CVE-2017-9412 in LAME 3.99.5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/frontend/get_audio.c b/frontend/get_audio.c | |
| index 79a684e..babd027 100644 | |
| --- a/frontend/get_audio.c | |
| +++ b/frontend/get_audio.c | |
| @@ -1286,6 +1286,14 @@ read_samples_pcm(FILE * musicin, int sample_buffer[2304], int samples_to_read) | |
| } | |
| return -1; | |
| } | |
| + | |
| + // make sure samples_to_read <= 2304 |
adhokshajmishra
/ lame_3.99.5_cve_2017_9410.patch
Created
August 25, 2017 10:28
Patch for CVE-2017-9410 in LAME 3.99.5 [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9410]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/libmp3lame/util.c b/libmp3lame/util.c | |
| index e0d48d3..adde6c4 100644 | |
| --- a/libmp3lame/util.c | |
| +++ b/libmp3lame/util.c | |
| @@ -533,6 +533,10 @@ fill_buffer_resample(lame_internal_flags * gfc, | |
| SessionConfig_t const *const cfg = &gfc->cfg; | |
| EncStateVar_t *esv = &gfc->sv_enc; | |
| double resample_ratio = (double)cfg->samplerate_in / (double)cfg->samplerate_out; | |
| + | |
| + if (resample_ratio < 0.0) |
adhokshajmishra
/ libgig_4.0.0_cve_2017_12952.patch
Created
August 25, 2017 05:54
Patch for CVE-2017-12952 in Libgig 4.0.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/helper.h b/src/helper.h | |
| index 8fe62a6..b49eb81 100644 | |
| --- a/src/helper.h | |
| +++ b/src/helper.h | |
| @@ -142,11 +142,19 @@ inline void SwapMemoryArea(void* pData, unsigned long AreaSize, uint WordSize) { | |
| inline void LoadString(RIFF::Chunk* ck, std::string& s) { | |
| if (ck) { | |
| const char* str = (char*)ck->LoadChunkData(); | |
| - int size = ck->GetSize(); | |
| - int len; |
adhokshajmishra
/ libgig_4.0.0_cve_2017_12950.patch
Created
August 25, 2017 05:08
Patch for CVE-2017-12950 in Libgig 4.0.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/src/gig.cpp b/src/gig.cpp | |
| index 6a24f16..c48d650 100644 | |
| --- a/src/gig.cpp | |
| +++ b/src/gig.cpp | |
| @@ -2967,7 +2967,10 @@ namespace { | |
| if (file->GetAutoLoad()) { | |
| for (uint i = 0; i < DimensionRegions; i++) { | |
| uint32_t wavepoolindex = _3lnk->ReadUint32(); | |
| - if (file->pWavePoolTable) pDimensionRegions[i]->pSample = GetSampleFromWavePool(wavepoolindex); | |
| + if (file->pWavePoolTable && pDimensionRegions[i]) |
adhokshajmishra
/ dnstracer_1.9_cve_2017_9430.patch
Created
August 24, 2017 15:59
Patch for buffer overflow (CVE-2017-9430) in DNSTracer 1.9 [https://nvd.nist.gov/vuln/detail/CVE-2017-9430]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/dnstracer.c b/dnstracer.c | |
| index 167342a..872707d 100644 | |
| --- a/dnstracer.c | |
| +++ b/dnstracer.c | |
| @@ -1619,7 +1619,7 @@ main(int argc, char **argv) | |
| if (argv[0] == NULL) usage(); | |
| // check for a trailing dot | |
| - strcpy(argv0, argv[0]); | |
| + strncpy(argv0, argv[0], NS_MAXDNAME); |
adhokshajmishra
/ libvorbis_1.3.5_cve_2017_11735.patch
Last active
August 24, 2017 19:00
Patch for CVE-2017-11735 Null Pointer Dereference in Libvorbis 1.3.5 [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11735]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/lib/block.c b/lib/block.c | |
| index db245b3..3df4019 100644 | |
| --- a/lib/block.c | |
| +++ b/lib/block.c | |
| @@ -147,15 +147,26 @@ void _vorbis_block_ripcord(vorbis_block *vb){ | |
| int vorbis_block_clear(vorbis_block *vb){ | |
| int i; | |
| + | |
| + if (vb == NULL) |
adhokshajmishra
/ vorbis_tools_oggenc_cve_2017_11311.patch
Last active
August 24, 2017 13:55
Patch for CVE-2017-11311 Denial of Service in Oggenc (vorbis-tools) [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11331]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/oggenc/audio.c b/oggenc/audio.c | |
| index 477da8c..457038d 100644 | |
| --- a/oggenc/audio.c | |
| +++ b/oggenc/audio.c | |
| @@ -585,9 +585,20 @@ int wav_open(FILE *in, oe_enc_opt *opt, unsigned char *oldbuf, int buflen) | |
| wav->channel_permute = malloc(wav->channels * sizeof(int)); | |
| if (wav->channels <= 8) | |
| - /* Where we know the mappings, use them. */ | |
| - memcpy(wav->channel_permute, wav_permute_matrix[wav->channels-1], |
adhokshajmishra
/ keybase.md
Created
February 11, 2017 08:25