Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
libsndfile.9560
libsndfile-wav-loop-count-fix.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libsndfile-wav-loop-count-fix.patch of Package libsndfile.9560
From: Takashi Iwai <tiwai@suse.de> Subject: wav: Fix segfault due to invalid loop_count References: CVE-2018-19758, bsc#1117954 The psf->instrument->loop_count can be over the actual loops array size, and it leads to a segfault. Just add the loop size fix to address it. Signed-off-by: Takashi Iwai <tiwai@suse.de> --- src/wav.c | 3 +++ 1 file changed, 3 insertions(+) --- a/src/wav.c +++ b/src/wav.c @@ -1096,6 +1096,9 @@ wav_write_header (SF_PRIVATE *psf, int c for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) { int type ; + if (tmp >= ARRAY_LEN (psf->instrument->loops)) + break; + type = psf->instrument->loops [tmp].mode ; type = (type == SF_LOOP_FORWARD ? 0 : type==SF_LOOP_BACKWARD ? 2 : type == SF_LOOP_ALTERNATING ? 1 : 32) ;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
