blob: 4ae3674df1593c09c3ec8268f7b818660941792f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Wed, 10 Oct 2018 08:59:30 +0800
Subject: [PATCH] libsndfile1: patch for CVE-2018-13139
Upstream-Status: Backport [https://github.com/bwarden/libsndfile/
commit/df18323c622b54221ee7ace74b177cdcccc152d7]
CVE: CVE-2018-13139
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
programs/sndfile-deinterleave.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
index e27593e..721bee7 100644
--- a/programs/sndfile-deinterleave.c
+++ b/programs/sndfile-deinterleave.c
@@ -89,6 +89,12 @@ main (int argc, char **argv)
exit (1) ;
} ;
+ if (sfinfo.channels > MAX_CHANNELS)
+ { printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n",
+ argv [1], sfinfo.channels, MAX_CHANNELS) ;
+ exit (1) ;
+ } ;
+
state.channels = sfinfo.channels ;
sfinfo.channels = 1 ;
--
2.7.4
|