From 2272f43516da3b21db1048c3b8ffdc96a084c175 Mon Sep 17 00:00:00 2001
From: Leonardo Arena
Date: Tue, 18 Sep 2018 13:27:34 +0000
Subject: main/libsndfile: security fix (CVE-2018-13139)

Partially fixes #9232
---
main/libsndfile/CVE-2018-13139.patch | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
create mode 100644 main/libsndfile/CVE-2018-13139.patch

(limited to 'main/libsndfile/CVE-2018-13139.patch')

diff --git a/main/libsndfile/CVE-2018-13139.patch b/main/libsndfile/CVE-2018-13139.patch
new file mode 100644
index 0000000000..f75843267b
--- /dev/null
+++ b/main/libsndfile/CVE-2018-13139.patch
@@ -0,0 +1,31 @@
+From df18323c622b54221ee7ace74b177cdcccc152d7 Mon Sep 17 00:00:00 2001
+From: "Brett T. Warden"
+Date: Tue, 28 Aug 2018 12:01:17 -0700
+Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave
+
+Allocated buffer has space for only 16 channels. Verify that input file
+meets this limit.
+
+Fixes #397
+---
+ programs/sndfile-deinterleave.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
+index 53660310..225b4d54 100644
+--- a/programs/sndfile-deinterleave.c
++++ b/programs/sndfile-deinterleave.c
+@@ -89,6 +89,13 @@ main (int argc, char **argv)
+ exit (1) ;
+ } ;
+
++ if (sfinfo.channels > MAX_CHANNELS)
++ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n",
++ argv [1], sfinfo.channels, MAX_CHANNELS) ;
++ exit (1) ;
++ } ;
++
++
+ state.channels = sfinfo.channels ;
+ sfinfo.channels = 1 ;
+
--
cgit v1.2.3
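Review bot: The new `sfinfo.channels > MAX_CHANNELS` guard in `main` has no comment naming the buffer it protects, so a later change to that buffer's size or to `MAX_CHANNELS` could silently reopen the overflow described in the commit message. I would add `/* Per-channel state is sized for MAX_CHANNELS; reject files that would write past it. */` directly above the `if`. The guard bounds only the upper side, and the hunk does not show whether a zero or negative channel count from the file header is rejected earlier, so that is worth confirming before `state.channels = sfinfo.channels ;`. The diagnostic is written with `printf`, so it lands on stdout; `fprintf (stderr, ...)` would keep it out of piped output, unless the rest of the program (not visible here) deliberately reports errors on stdout. `main` starts and ends outside the hunk.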