From 35b9a267502abf00fee66e8f32477a5c2abab9c6 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Fri, 17 Jan 2025 20:33:21 +0100
Subject: audiofile: mark CVE-2020-18781 as patched

Per [1] this CVE is already patched by commit [2].

This can be also verified with yocto build.

Running without this patch:
root@qemux86-64:~# sfconvert poc.wav output format wave
malloc(): corrupted top size
Aborted

Running with it:
root@qemux86-64:~# sfconvert poc.wav output format wave
Audio File Library: Bad number of coefficients [error 62]
Could not open file 'poc.wav' for reading.

[1] https://github.com/mpruett/audiofile/issues/56
[2] https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 68f55c158e15a5d35702ae5c730586001e487f86)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../audiofile/files/0004-Always-check-the-number-of-coefficients.patch   | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
index 282f4c01b9..17a97163f5 100644
--- a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
+++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
@@ -17,6 +17,7 @@ CVE: CVE-2017-6832
 CVE: CVE-2017-6833
 CVE: CVE-2017-6835
 CVE: CVE-2017-6837
+CVE: CVE-2020-18781
 Upstream-Status: Inactive-Upstream [lastrelease: 2013]
 Signed-off-by: Peter Marko <peter.marko@siemens.com>
 ---
-- 
cgit v1.2.3-54-g00ecf