Bump to -r2. Fixed overflow issue in Bug #57962.

2 files changed, 25 insertions, 0 deletions

diff --git a/media-sound/sox/files/digest-sox-12.17.4-r2 b/media-sound/sox/files/digest-sox-12.17.4-r2
new file mode 100644
index 000000000000..3d925bc031be
--- /dev/null
+++ b/media-sound/sox/files/digest-sox-12.17.4-r2
@@ -0,0 +1 @@
+MD5 39bdb64e06a8c456057e87eff7d0b339 sox-12.17.4.tar.gz 417497
diff --git a/media-sound/sox/files/sox-wave-overflow.patch b/media-sound/sox/files/sox-wave-overflow.patch
new file mode 100644
index 000000000000..2e7600888252
--- /dev/null
+++ b/media-sound/sox/files/sox-wave-overflow.patch
@@ -0,0 +1,24 @@
+--- wav.c.old	2002-12-31 04:19:22.000000000 +0100
++++ wav.c	2004-07-18 19:25:46.000000000 +0200
+@@ -917,6 +917,10 @@
+ 		} else if(strncmp(magic,"ICRD",4) == 0){
+ 			st_readdw(ft,&len); 
+ 			len = (len + 1) & ~1;
++			if (len > 254) {
++			    fprintf(stderr, "Possible buffer overflow hack attack (ICRD)!\n");
++			    exit(109);
++			}
+ 			st_reads(ft,text,len);
+ 			if (strlen(ft->comment) + strlen(text) < 254)
+ 			{
+@@ -926,6 +930,10 @@
+ 		} else if(strncmp(magic,"ISFT",4) == 0){
+ 			st_readdw(ft,&len); 
+ 			len = (len + 1) & ~1;
++			if (len > 254) {
++			    fprintf(stderr, "Possible buffer overflow hack attack (ISFT)!\n");
++			    exit(110);
++			}
+ 			st_reads(ft,text,len);
+ 			if (strlen(ft->comment) + strlen(text) < 254)
+ 			{