Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP6
sox
CVE-2021-3643.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-3643.patch of Package sox
From: Helmut Grohne <helmut@subdivi.de> Subject: voc: word width should never be 0 to avoid division by zero Bug: https://sourceforge.net/p/sox/bugs/351/ Bug-Debian: https://bugs.debian.org/1010374 This patch fixes both CVE-2021-3643 and CVE-2021-23210. --- a/src/voc.c +++ b/src/voc.c @@ -614,6 +614,10 @@ v->rate = new_rate_32; ft->signal.rate = new_rate_32; lsx_readb(ft, &uc); + if (uc <= 1) { + lsx_fail_errno(ft, SOX_EFMT, "2 bits per word required"); + return (SOX_EOF); + } v->size = uc; lsx_readb(ft, &(v->channels)); lsx_readw(ft, &(v->format)); /* ANN: added format */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor