diff options
author | CyberLeo <cyberleo@cyberleo.net> | 2020-03-28 05:45:52 -0500 |
---|---|---|
committer | CyberLeo <cyberleo@cyberleo.net> | 2020-03-28 05:45:52 -0500 |
commit | 9297468fa579836e3a6a381b798feb6b78217c2d (patch) | |
tree | 53168212f427afbcf0693b534530a4af803152e9 /user/sox/CVE-2017-11332.patch | |
parent | a63cc05c53a6f4c22422dc8c69808b14d87a6f6e (diff) | |
parent | da5a69b65a8791fffa6e93366ee585f87eff136d (diff) | |
download | packages-9297468fa579836e3a6a381b798feb6b78217c2d.tar.gz packages-9297468fa579836e3a6a381b798feb6b78217c2d.tar.bz2 packages-9297468fa579836e3a6a381b798feb6b78217c2d.tar.xz packages-9297468fa579836e3a6a381b798feb6b78217c2d.zip |
Merge branch 'master' into zfs
Diffstat (limited to 'user/sox/CVE-2017-11332.patch')
-rw-r--r-- | user/sox/CVE-2017-11332.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/user/sox/CVE-2017-11332.patch b/user/sox/CVE-2017-11332.patch new file mode 100644 index 000000000..511049d8e --- /dev/null +++ b/user/sox/CVE-2017-11332.patch @@ -0,0 +1,28 @@ +From 6e177c455fb554327ff8125b6e6dde1568610abe Mon Sep 17 00:00:00 2001 +From: Mans Rullgard <mans@mansr.com> +Date: Sun, 5 Nov 2017 16:29:28 +0000 +Subject: [PATCH] wav: fix crash if channel count is zero (CVE-2017-11332) + +--- + src/wav.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/src/wav.c b/src/wav.c +index 5202556c..71fd52ac 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -712,6 +712,11 @@ static int startread(sox_format_t * ft) + else + lsx_report("User options overriding channels read in .wav header"); + ++ if (ft->signal.channels == 0) { ++ lsx_fail_errno(ft, SOX_EHDR, "Channel count is zero"); ++ return SOX_EOF; ++ } ++ + if (ft->signal.rate == 0 || ft->signal.rate == dwSamplesPerSecond) + ft->signal.rate = dwSamplesPerSecond; + else +-- +2.25.0 + |