Projects
Multimedia
A_15.5-sox
CVE-2017-11359.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-11359.patch of Package A_15.5-sox
From 8b590b3a52f4ccc4eea3f41b4a067c38b3565b60 Mon Sep 17 00:00:00 2001 From: Mans Rullgard <mans@mansr.com> Date: Sun, 5 Nov 2017 17:02:11 +0000 Subject: [PATCH] wav: fix crash writing header when channel count >64k (CVE-2017-11359) --- src/wav.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/wav.c b/src/wav.c index 3eaebfa7..fad334cf 100644 --- a/src/wav.c +++ b/src/wav.c @@ -1379,6 +1379,12 @@ static int wavwritehdr(sox_format_t * ft, int second_header) long blocksWritten = 0; sox_bool isExtensible = sox_false; /* WAVE_FORMAT_EXTENSIBLE? */ + if (ft->signal.channels > UINT16_MAX) { + lsx_fail_errno(ft, SOX_EOF, "Too many channels (%u)", + ft->signal.channels); + return SOX_EOF; + } + dwSamplesPerSecond = ft->signal.rate; wChannels = ft->signal.channels; wBitsPerSample = ft->encoding.bits_per_sample;
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.