9ddc42de67
CVE-2017-14245 - information-disclosure CVE-2017-14246 - information-disclosure CVE-2017-14634 - denial-of-service CVE-2017-17456 - denial-of-service CVE-2017-17457 - denial-of-service CVE-2017-8362 - denial-of-service CVE-2017-8363 - heap-overflow CVE-2017-8365 - buffer-overflow CVE-2018-13139 - stack-overflow CVE-2018-19432 - null-pointer-dereference CVE-2018-19661 - denial-of-service CVE-2018-19662 - denial-of-service CVE-2018-19758 - denial-of-service CVE-2019-3832 - denial-of-service Bump PKGREVISION.
39 lines
1.3 KiB
C
39 lines
1.3 KiB
C
$NetBSD: patch-src_alaw.c,v 1.1 2019/07/14 15:39:32 nia Exp $
|
|
|
|
Fix: CVE-2018-19662, CVE-2017-17456
|
|
|
|
Upstream commit:
|
|
https://github.com/erikd/libsndfile/commit/8ddc442d539ca775d80cdbc7af17a718634a743f.patch
|
|
|
|
--- src/alaw.c.orig 2016-04-01 21:08:52.000000000 +0000
|
|
+++ src/alaw.c
|
|
@@ -19,6 +19,7 @@
|
|
#include "sfconfig.h"
|
|
|
|
#include <math.h>
|
|
+#include <limits.h>
|
|
|
|
#include "sndfile.h"
|
|
#include "common.h"
|
|
@@ -326,7 +327,9 @@ s2alaw_array (const short *ptr, int coun
|
|
static inline void
|
|
i2alaw_array (const int *ptr, int count, unsigned char *buffer)
|
|
{ while (--count >= 0)
|
|
- { if (ptr [count] >= 0)
|
|
+ { if (ptr [count] == INT_MIN)
|
|
+ buffer [count] = alaw_encode [INT_MAX >> (16 + 4)] ;
|
|
+ else if (ptr [count] >= 0)
|
|
buffer [count] = alaw_encode [ptr [count] >> (16 + 4)] ;
|
|
else
|
|
buffer [count] = 0x7F & alaw_encode [- ptr [count] >> (16 + 4)] ;
|
|
@@ -346,7 +349,9 @@ f2alaw_array (const float *ptr, int coun
|
|
static inline void
|
|
d2alaw_array (const double *ptr, int count, unsigned char *buffer, double normfact)
|
|
{ while (--count >= 0)
|
|
- { if (ptr [count] >= 0)
|
|
+ { if (!isfinite (ptr [count]))
|
|
+ buffer [count] = 0 ;
|
|
+ else if (ptr [count] >= 0)
|
|
buffer [count] = alaw_encode [lrint (normfact * ptr [count])] ;
|
|
else
|
|
buffer [count] = 0x7F & alaw_encode [- lrint (normfact * ptr [count])] ;
|