Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dirkmueller:AL:TW
sox
CVE-2017-18189.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-18189.patch of Package sox
Description: A corrupt header specifying zero channels would send read_channels() into an infinite loop. Prevent this by sanity checking the channel count in open_read(). Also add an upper bound to prevent overflow in multiplication. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121 Author: Mans Rullgard <mans@mansr.com> Jaromír Mikeš <mira.mikes@seznam.cz> Forwarded: not-needed --- src/xa.c | 6 ++++++ 1 file changed, 6 insertions(+) Index: sox/src/xa.c =================================================================== --- sox.orig/src/xa.c +++ sox/src/xa.c @@ -143,6 +143,12 @@ static int startread(sox_format_t * ft) lsx_report("User options overriding rate read in .xa header"); } + if (ft->signal.channels == 0 || ft->signal.channels > UINT16_MAX) { + lsx_fail_errno(ft, SOX_EFMT, "invalid channel count %d", + ft->signal.channels); + return SOX_EOF; + } + /* Check for supported formats */ if (ft->encoding.bits_per_sample != 16) { lsx_fail_errno(ft, SOX_EFMT, "%d-bit sample resolution not supported.",
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor