media-libs/opus: Add patch for CVE-2017-0381

Gentoo-bug: 605894

Package-Manager: Portage-2.3.3, Repoman-2.3.1

diff --git a/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
new file mode 100644 (file)
index 0000000..621236b
--- /dev/null
+++ b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
@@ -0,0 +1,24 @@
+From 79e8f527b0344b0897a65be35e77f7885bd99409 Mon Sep 17 00:00:00 2001
+From: Felicia Lim <flim@google.com>
+Date: Thu, 28 Jul 2016 15:21:19 +0200
+Subject: [PATCH] Ensure that NLSF cannot be negative when computing a min
+ distance between them
+
+Signed-off-by: Jean-Marc Valin <jmvalin@jmvalin.ca>
+---
+ silk/NLSF_stabilize.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/silk/NLSF_stabilize.c b/silk/NLSF_stabilize.c
+index 1fa1ea3..8f3426b 100644
+--- a/silk/NLSF_stabilize.c
++++ b/silk/NLSF_stabilize.c
+@@ -130,7 +130,7 @@ void silk_NLSF_stabilize(
+ 
+         /* Keep delta_min distance between the NLSFs */
+         for( i = 1; i < L; i++ )
+-            NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], NLSF_Q15[i-1] + NDeltaMin_Q15[i] );
++            NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], silk_ADD_SAT16( NLSF_Q15[i-1], NDeltaMin_Q15[i] ) );
+ 
+         /* Last NLSF should be no higher than 1 - NDeltaMin[L] */
+         NLSF_Q15[L-1] = silk_min_int( NLSF_Q15[L-1], (1<<15) - NDeltaMin_Q15[L] );

diff --git a/media-libs/opus/opus-1.1.3-r1.ebuild b/media-libs/opus/opus-1.1.3-r1.ebuild
new file mode 100644 (file)
index 0000000..cfe478a
--- /dev/null
+++ b/media-libs/opus/opus-1.1.3-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit multilib-minimal
+
+if [[ ${PV} == *9999 ]] ; then
+       inherit git-2
+       EGIT_REPO_URI="git://git.opus-codec.org/opus.git"
+else
+       SRC_URI="http://downloads.xiph.org/releases/${PN}/${P}.tar.gz"
+       KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd"
+fi
+
+DESCRIPTION="Open codec designed for internet transmission of interactive speech and audio"
+HOMEPAGE="http://opus-codec.org/"
+SRC_URI="http://downloads.xiph.org/releases/opus/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0"
+INTRINSIC_FLAGS="cpu_flags_x86_sse neon"
+IUSE="ambisonics custom-modes doc static-libs ${INTRINSIC_FLAGS}"
+
+DEPEND="doc? ( app-doc/doxygen )"
+
+PATCHES=(
+       "${FILESDIR}"/${PN}-1.1.3-CVE-2017-0381.patch
+)
+
+multilib_src_configure() {
+       local myeconfargs=(
+               $(use_enable custom-modes)
+               $(use_enable ambisonics)
+               $(use_enable doc)
+       )
+       for i in ${INTRINSIC_FLAGS} ; do
+               use ${i} && myeconfargs+=( --enable-intrinsics )
+       done
+       ECONF_SOURCE="${S}" \
+       econf "${myeconfargs[@]}"
+}