diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-09-18 13:27:34 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-09-18 13:27:38 +0000 |
| commit | 2272f43516da3b21db1048c3b8ffdc96a084c175 (patch) | |
| tree | c057611963c4ad1ae827a19a1e0c808d14bfdab2 /main/libsndfile/CVE-2018-13139.patch | |
| parent | afe0110ff4d7c57358973a579df6686478b5e659 (diff) | |
| download | aports-2272f43516da3b21db1048c3b8ffdc96a084c175.tar.bz2 aports-2272f43516da3b21db1048c3b8ffdc96a084c175.tar.xz | |
main/libsndfile: security fix (CVE-2018-13139)
Partially fixes #9232
Diffstat (limited to 'main/libsndfile/CVE-2018-13139.patch')
| -rw-r--r-- | main/libsndfile/CVE-2018-13139.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/main/libsndfile/CVE-2018-13139.patch b/main/libsndfile/CVE-2018-13139.patch new file mode 100644 index 0000000000..f75843267b --- /dev/null +++ b/main/libsndfile/CVE-2018-13139.patch @@ -0,0 +1,31 @@ +From df18323c622b54221ee7ace74b177cdcccc152d7 Mon Sep 17 00:00:00 2001 +From: "Brett T. Warden" <brett.t.warden@intel.com> +Date: Tue, 28 Aug 2018 12:01:17 -0700 +Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave + +Allocated buffer has space for only 16 channels. Verify that input file +meets this limit. + +Fixes #397 +--- + programs/sndfile-deinterleave.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c +index 53660310..225b4d54 100644 +--- a/programs/sndfile-deinterleave.c ++++ b/programs/sndfile-deinterleave.c +@@ -89,6 +89,13 @@ main (int argc, char **argv) + exit (1) ; + } ; + ++ if (sfinfo.channels > MAX_CHANNELS) ++ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n", ++ argv [1], sfinfo.channels, MAX_CHANNELS) ; ++ exit (1) ; ++ } ; ++ ++ + state.channels = sfinfo.channels ; + sfinfo.channels = 1 ; + |