kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/audio/libsndfile/files/patch-Check-MAX_CHANNELS-in-sndfile-deinterleave
Thomas Zander a6e226ea28 Backport patches from upstream against all currently known CVEs 
PR:		227669
Submitted by:	p5B2E9A8F@t-online.de
MFH:		2019Q1
Security:	CVE-2018-19661
		CVE-2018-19662
		CVE-2017-17456
		CVE-2017-17457
		CVE-2018-19758
2019-03-12 06:10:24 +00:00

30 lines
836 B
Text
Raw Blame History

From: "Brett T. Warden" <brett.t.warden@intel.com>
Date: Tue, 28 Aug 2018 12:01:17 -0700
Subject: Check MAX_CHANNELS in sndfile-deinterleave
Allocated buffer has space for only 16 channels. Verify that input file
meets this limit.
Fixes #397
---
programs/sndfile-deinterleave.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
index e27593e..cb497e1 100644
--- programs/sndfile-deinterleave.c
+++ programs/sndfile-deinterleave.c
@@ -89,6 +89,13 @@ main (int argc, char **argv)
exit (1) ;
} ;
+ if (sfinfo.channels > MAX_CHANNELS)
+ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n",
+ argv [1], sfinfo.channels, MAX_CHANNELS) ;
+ exit (1) ;
+ } ;
+
+
state.channels = sfinfo.channels ;
sfinfo.channels = 1 ;
Reference in a new issue View git blame Copy permalink