From a6044ad793795c8ae37e5dee7d59d7915e81f483 Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Sun, 19 Nov 2017 18:25:57 +0100
Subject: audiofile: add patches for multiple CVEs

Fixes:
 * CVE-2017-6827
 * CVE-2017-6828
 * CVE-2017-6829
 * CVE-2017-6830
 * CVE-2017-6831
 * CVE-2017-6832
 * CVE-2017-6833
 * CVE-2017-6834
 * CVE-2017-6835
 * CVE-2017-6836
 * CVE-2017-6837
 * CVE-2017-6838
 * CVE-2017-6839

cc #30959
---
 pkgs/development/libraries/audiofile/default.nix | 53 +++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/audiofile/default.nix b/pkgs/development/libraries/audiofile/default.nix
index a7576e07f2dd..80aae344dcd9 100644
--- a/pkgs/development/libraries/audiofile/default.nix
+++ b/pkgs/development/libraries/audiofile/default.nix
@@ -1,4 +1,14 @@
-{ stdenv, fetchurl, alsaLib, AudioUnit, CoreServices }:
+{ stdenv, fetchurl, fetchpatch, alsaLib, AudioUnit, CoreServices }:
+
+let
+
+  fetchDebianPatch = { name, debname, sha256 }:
+    fetchpatch {
+      inherit sha256 name;
+      url = "https://anonscm.debian.org/cgit/pkg-multimedia/audiofile.git/plain/debian/patches/${debname}?h=debian/0.3.6-4";
+    };
+
+in
 
 stdenv.mkDerivation rec {
   name = "audiofile-0.3.6";
@@ -15,7 +25,46 @@ stdenv.mkDerivation rec {
     sha256 = "0rb927zknk9kmhprd8rdr4azql4gn2dp75a36iazx2xhkbqhvind";
   };
 
-  patches = [ ./CVE-2015-7747.patch ./gcc-6.patch ];
+  patches = [
+    ./gcc-6.patch
+    ./CVE-2015-7747.patch
+
+    (fetchDebianPatch {
+      name = "CVE-2017-6829.patch";
+      debname = "04_clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch";
+      sha256 = "04qxl51i64c53v69q2kx61qdq474f4vapk8rq97cipj7yrar392m";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6827+CVE-2017-6828+CVE-2017-6832+CVE-2017-6835+CVE-2017-6837.patch";
+      debname = "05_Always-check-the-number-of-coefficients.patch";
+      sha256 = "1ih03kfkabffi6ymp6832q470i28rsds78941vzqlshnqjb2nnxw";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6839.patch";
+      debname = "06_Check-for-multiplication-overflow-in-MSADPCM-decodeSam.patch";
+      sha256 = "0a8s2z8rljlj03p7l1is9s4fml8vyzvyvfrh1m6xj5a8vbi635d0";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6830+CVE-2017-6834+CVE-2017-6836+CVE-2017-6838.patch";
+      debname = "07_Check-for-multiplication-overflow-in-sfconvert.patch";
+      sha256 = "0rfba8rkasl5ycvc0kqlzinkl3rvyrrjvjhpc45h423wmjk2za2l";
+    })
+    (fetchDebianPatch {
+      name = "audiofile-fix-multiplyCheckOverflow-signature.patch";
+      debname = "08_Fix-signature-of-multiplyCheckOverflow.-It-returns-a-b.patch";
+      sha256 = "032p5jqp7q7jgc5axdnazz00zm7hd26z6m5j55ifs0sykr5lwldb";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6831.patch";
+      debname = "09_Actually-fail-when-error-occurs-in-parseFormat.patch";
+      sha256 = "0csikmj8cbiy6cigg0rmh67jrr0sgm56dfrnrxnac3m9635nxlac";
+    })
+    (fetchDebianPatch {
+      name = "CVE-2017-6833.patch";
+      debname = "10_Check-for-division-by-zero-in-BlockCodec-runPull.patch";
+      sha256 = "1rlislkjawq98bbcf1dgl741zd508wwsg85r37ca7pfdf6wgl6z7";
+    })
+  ];
 
   meta = with stdenv.lib; {
     description = "Library for reading and writing audio files in various formats";
-- 
cgit 1.4.1