Diffstat (limited to 'main/lame/CVE-2017-9412_CVE-2017-11720.patch')
-rw-r--r-- | main/lame/CVE-2017-9412_CVE-2017-11720.patch | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/main/lame/CVE-2017-9412_CVE-2017-11720.patch b/main/lame/CVE-2017-9412_CVE-2017-11720.patch
new file mode 100644
index 0000000000..214ca459c6
--- /dev/null
+++ b/main/lame/CVE-2017-9412_CVE-2017-11720.patch
@@ -0,0 +1,17 @@
+Description: Avoid malformed wav causing floating point exception (integer divide by zero)
+Author: Fabian Greffrath <fabian+debian@greffrath.com>
+Bug-Debian: https://bugs.debian.org/777159
+
+--- a/frontend/get_audio.c
++++ b/frontend/get_audio.c
+@@ -1448,6 +1448,10 @@ parse_wave_header(lame_global_flags * gf
+ else {
+ (void) lame_set_in_samplerate(gfp, global_reader.input_samplerate);
+ }
++ /* avoid division by zero */
++ if (bits_per_sample < 1)
++ return -1;
++
+ global. pcmbitwidth = bits_per_sample;
+ global. pcm_is_unsigned_8bit = 1;
+ global. pcm_is_ieee_float = (format_tag == WAVE_FORMAT_IEEE_FLOAT ? 1 : 0); |
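Review bot: The patch header describes only the integer divide-by-zero, while the file name attributes the fix to both CVE-2017-9412 and CVE-2017-11720, so an auditor cannot tell from this file which identifier the `bits_per_sample < 1` guard closes or whether the other one is covered by it. I would extend the `Description:` field with one sentence per CVE that states what the guard prevents for that identifier, and add a reference to where the change came from upstream if there is one. The guard itself bounds the header field only from below and returns -1 with no diagnostic; whether oversized or unsupported widths are rejected before `global. pcmbitwidth = bits_per_sample;` is used cannot be seen here, because parse_wave_header starts and ends outside the hunk. If nothing else validates the field, a comment such as `/* header field is untrusted: reject widths the reader cannot unpack */` with a matching upper bound would make the intent explicit.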