summaryrefslogtreecommitdiff
path: root/user/sox/CVE-2017-11332.patch
diff options
context:
space:
mode:
Diffstat (limited to 'user/sox/CVE-2017-11332.patch')
-rw-r--r--user/sox/CVE-2017-11332.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/user/sox/CVE-2017-11332.patch b/user/sox/CVE-2017-11332.patch
new file mode 100644
index 000000000..511049d8e
--- /dev/null
+++ b/user/sox/CVE-2017-11332.patch
@@ -0,0 +1,28 @@
+From 6e177c455fb554327ff8125b6e6dde1568610abe Mon Sep 17 00:00:00 2001
+From: Mans Rullgard <mans@mansr.com>
+Date: Sun, 5 Nov 2017 16:29:28 +0000
+Subject: [PATCH] wav: fix crash if channel count is zero (CVE-2017-11332)
+
+---
+ src/wav.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/wav.c b/src/wav.c
+index 5202556c..71fd52ac 100644
+--- a/src/wav.c
++++ b/src/wav.c
+@@ -712,6 +712,11 @@ static int startread(sox_format_t * ft)
+ else
+ lsx_report("User options overriding channels read in .wav header");
+
++ if (ft->signal.channels == 0) {
++ lsx_fail_errno(ft, SOX_EHDR, "Channel count is zero");
++ return SOX_EOF;
++ }
++
+ if (ft->signal.rate == 0 || ft->signal.rate == dwSamplesPerSecond)
+ ft->signal.rate = dwSamplesPerSecond;
+ else
+--
+2.25.0
+