summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch
blob: 707373d41400556267d834166efa04aa8d110a82 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
CVE: CVE-2018-13139
Upstream-Status: Backport [9dc989eb89cd697e19897afa616d6ab0debe4822]
Signed-off-by: Ross Burton <ross.burton@intel.com>

From 9dc989eb89cd697e19897afa616d6ab0debe4822 Mon Sep 17 00:00:00 2001
From: "Brett T. Warden" <brett.t.warden@intel.com>
Date: Tue, 28 Aug 2018 12:01:17 -0700
Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave

Allocated buffer has space for only 16 channels. Verify that input file
meets this limit.

Fixes #397
---
 programs/sndfile-deinterleave.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
index e27593e2..cb497e1f 100644
--- a/programs/sndfile-deinterleave.c
+++ b/programs/sndfile-deinterleave.c
@@ -89,6 +89,13 @@ main (int argc, char **argv)
 		exit (1) ;
 		} ;
 
+	if (sfinfo.channels > MAX_CHANNELS)
+	{	printf ("\nError : Input file '%s' has too many (%d) channels. Limit is %d.\n",
+			argv [1], sfinfo.channels, MAX_CHANNELS) ;
+		exit (1) ;
+		} ;
+
+
 	state.channels = sfinfo.channels ;
 	sfinfo.channels = 1 ;
 
-- 
2.11.0