From fedc905f2f73265c4108e2a4b359846d10dee66d Mon Sep 17 00:00:00 2001
From: David Seifert <soap@gentoo.org>
Date: Fri, 20 Jan 2017 19:53:40 +0100
Subject: [PATCH] media-libs/opus: Add patch for CVE-2017-0381

Gentoo-bug: 605894

Package-Manager: Portage-2.3.3, Repoman-2.3.1
---
 .../opus/files/opus-1.1.3-CVE-2017-0381.patch | 24 +++++++++++
 media-libs/opus/opus-1.1.3-r1.ebuild          | 42 +++++++++++++++++++
 2 files changed, 66 insertions(+)
 create mode 100644 media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
 create mode 100644 media-libs/opus/opus-1.1.3-r1.ebuild

diff --git a/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
new file mode 100644
index 000000000000..621236b5855c
--- /dev/null
+++ b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
@@ -0,0 +1,24 @@
+From 79e8f527b0344b0897a65be35e77f7885bd99409 Mon Sep 17 00:00:00 2001
+From: Felicia Lim <flim@google.com>
+Date: Thu, 28 Jul 2016 15:21:19 +0200
+Subject: [PATCH] Ensure that NLSF cannot be negative when computing a min
+ distance between them
+
+Signed-off-by: Jean-Marc Valin <jmvalin@jmvalin.ca>
+---
+ silk/NLSF_stabilize.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/silk/NLSF_stabilize.c b/silk/NLSF_stabilize.c
+index 1fa1ea3..8f3426b 100644
+--- a/silk/NLSF_stabilize.c
++++ b/silk/NLSF_stabilize.c
+@@ -130,7 +130,7 @@ void silk_NLSF_stabilize(
+ 
+         /* Keep delta_min distance between the NLSFs */
+         for( i = 1; i < L; i++ )
+-            NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], NLSF_Q15[i-1] + NDeltaMin_Q15[i] );
++            NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], silk_ADD_SAT16( NLSF_Q15[i-1], NDeltaMin_Q15[i] ) );
+ 
+         /* Last NLSF should be no higher than 1 - NDeltaMin[L] */
+         NLSF_Q15[L-1] = silk_min_int( NLSF_Q15[L-1], (1<<15) - NDeltaMin_Q15[L] );
diff --git a/media-libs/opus/opus-1.1.3-r1.ebuild b/media-libs/opus/opus-1.1.3-r1.ebuild
new file mode 100644
index 000000000000..cfe478ac2e0f
--- /dev/null
+++ b/media-libs/opus/opus-1.1.3-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit multilib-minimal
+
+if [[ ${PV} == *9999 ]] ; then
+	inherit git-2
+	EGIT_REPO_URI="git://git.opus-codec.org/opus.git"
+else
+	SRC_URI="http://downloads.xiph.org/releases/${PN}/${P}.tar.gz"
+	KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-fbsd"
+fi
+
+DESCRIPTION="Open codec designed for internet transmission of interactive speech and audio"
+HOMEPAGE="http://opus-codec.org/"
+SRC_URI="http://downloads.xiph.org/releases/opus/${P}.tar.gz"
+
+LICENSE="BSD-2"
+SLOT="0"
+INTRINSIC_FLAGS="cpu_flags_x86_sse neon"
+IUSE="ambisonics custom-modes doc static-libs ${INTRINSIC_FLAGS}"
+
+DEPEND="doc? ( app-doc/doxygen )"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.1.3-CVE-2017-0381.patch
+)
+
+multilib_src_configure() {
+	local myeconfargs=(
+		$(use_enable custom-modes)
+		$(use_enable ambisonics)
+		$(use_enable doc)
+	)
+	for i in ${INTRINSIC_FLAGS} ; do
+		use ${i} && myeconfargs+=( --enable-intrinsics )
+	done
+	ECONF_SOURCE="${S}" \
+	econf "${myeconfargs[@]}"
+}
-- 
2.26.2