Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
openSUSE:Backports:SLE-15-SP6:Update
sox
CVE-2021-40426.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2021-40426.patch of Package sox
From: Helmut Grohne <helmut@subdivi.de> Subject: sphere: avoid integer underflow Link: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1434 Bug: https://sourceforge.net/p/sox/bugs/362/ Bug-Debian: https://bugs.debian.org/1012138 --- a/src/sphere.c +++ b/src/sphere.c @@ -63,7 +63,8 @@ return (SOX_EOF); } - header_size -= (strlen(buf) + 1); + bytes_read = strlen(buf); + header_size -= bytes_read >= header_size ? header_size : bytes_read + 1; while (strncmp(buf, "end_head", (size_t)8) != 0) { if (strncmp(buf, "sample_n_bytes", (size_t)14) == 0) @@ -105,7 +106,8 @@ return (SOX_EOF); } - header_size -= (strlen(buf) + 1); + bytes_read = strlen(buf); + header_size -= bytes_read >= header_size ? header_size : bytes_read + 1; } if (!bytes_per_sample)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor